309 lines
10 KiB
Text
309 lines
10 KiB
Text
# AUTHOR <EMAIL@ADDRESS>, YEAR.
|
|
#
|
|
# Translators:
|
|
msgid ""
|
|
msgstr ""
|
|
"Project-Id-Version: Defensive Coding Guide\n"
|
|
"POT-Creation-Date: 2013-03-12T03:19:45\n"
|
|
"PO-Revision-Date: 2013-03-19 15:29+0000\n"
|
|
"Last-Translator: Automatically generated\n"
|
|
"Language-Team: Tibetan <trans-bo@lists.fedoraproject.org>\n"
|
|
"MIME-Version: 1.0\n"
|
|
"Content-Type: text/plain; charset=UTF-8\n"
|
|
"Content-Transfer-Encoding: 8bit\n"
|
|
"Language: bo\n"
|
|
"Plural-Forms: nplurals=1; plural=0;\n"
|
|
|
|
#. Tag: title
|
|
#, no-c-format
|
|
msgid "Temporary files"
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid ""
|
|
"In this chapter, we describe how to create temporary files and directories, "
|
|
"how to remove them, and how to work with programs which do not create files "
|
|
"in ways that a safe with a shared directory for temporary files. General "
|
|
"file system manipulation is treated in a separate chapter, <xref linkend"
|
|
"=\"chap-Defensive_Coding-Tasks-File_System\" />."
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid "Secure creation of temporary files has four different aspects."
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid ""
|
|
"The location of the directory for temporary files must be obtained in a "
|
|
"secure manner (that is, untrusted environment variables must be ignored, see"
|
|
" <xref linkend=\"sect-Defensive_Coding-Tasks-secure_getenv\" />)."
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid ""
|
|
"A new file must be created. Reusing an existing file must be avoided (the "
|
|
"<filename class=\"directory\">/tmp</filename> race condition). This is "
|
|
"tricky because traditionally, system-wide temporary directories shared by "
|
|
"all users are used."
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid ""
|
|
"The file must be created in a way that makes it impossible for other users "
|
|
"to open it."
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid "The descriptor for the temporary file should not leak to subprocesses."
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid "All functions mentioned below will take care of these aspects."
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid ""
|
|
"Traditionally, temporary files are often used to reduce memory usage of "
|
|
"programs. More and more systems use RAM-based file systems such as "
|
|
"<literal>tmpfs</literal> for storing temporary files, to increase "
|
|
"performance and decrease wear on Flash storage. As a result, spooling data "
|
|
"to temporary files does not result in any memory savings, and the related "
|
|
"complexity can be avoided if the data is kept in process memory."
|
|
msgstr ""
|
|
|
|
#. Tag: title
|
|
#, no-c-format
|
|
msgid "Obtaining the location of temporary directory"
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid ""
|
|
"Some functions below need the location of a directory which stores temporary"
|
|
" files. For C/C++ programs, use the following steps to obtain that "
|
|
"directory:"
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid ""
|
|
"Use <function>secure_getenv</function> to obtain the value of the "
|
|
"<literal>TMPDIR</literal> environment variable. If it is set, convert the "
|
|
"path to a fully-resolved absolute path, using <literal>realpath(path, "
|
|
"NULL)</literal>. Check if the new path refers to a directory and is "
|
|
"writeable. In this case, use it as the temporary directory."
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid "Fall back to <filename class=\"directory\">/tmp</filename>."
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid ""
|
|
"In Python, you can use the <varname>tempfile.tempdir</varname> variable."
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid ""
|
|
"Java does not support SUID/SGID programs, so you can use the "
|
|
"<function>java.lang.System.getenv(String)</function> method to obtain the "
|
|
"value of the <literal>TMPDIR</literal> environment variable, and follow the "
|
|
"two steps described above. (Java's default directory selection does not "
|
|
"honor <literal>TMPDIR</literal>.)"
|
|
msgstr ""
|
|
|
|
#. Tag: title
|
|
#, no-c-format
|
|
msgid "Named temporary files"
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid ""
|
|
"The <function>mkostemp</function> function creates a named temporary file. "
|
|
"You should specify the <literal>O_CLOEXEC</literal> flag to avoid file "
|
|
"descriptor leaks to subprocesses. (Applications which do not use multiple "
|
|
"threads can also use <function>mkstemp</function>, but libraries should use "
|
|
"<function>mkostemp</function>.) For determining the directory part of the "
|
|
"file name pattern, see <xref linkend=\"chap-Defensive_Coding-Tasks-"
|
|
"Temporary_Files-Location\" />."
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid ""
|
|
"The file is not removed automatically. It is not safe to rename or delete "
|
|
"the file before processing, or transform the name in any way (for example, "
|
|
"by adding a file extension). If you need multiple temporary files, call "
|
|
"<function>mkostemp</function> multiple times. Do not create additional file "
|
|
"names derived from the name provided by a previous "
|
|
"<function>mkostemp</function> call. However, it is safe to close the "
|
|
"descriptor returned by <function>mkostemp</function> and reopen the file "
|
|
"using the generated name."
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid ""
|
|
"The Python class <literal>tempfile.NamedTemporaryFile</literal> provides "
|
|
"similar functionality, except that the file is deleted automatically by "
|
|
"default. Note that you may have to use the <literal>file</literal> attribute"
|
|
" to obtain the actual file object because some programming interfaces cannot"
|
|
" deal with file-like objects. The C function <function>mkostemp</function> "
|
|
"is also available as <function>tempfile.mkstemp</function>."
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid ""
|
|
"In Java, you can use the <function>java.io.File.createTempFile(String, "
|
|
"String, File)</function> function, using the temporary file location "
|
|
"determined according to <xref linkend=\"chap-Defensive_Coding-Tasks-"
|
|
"Temporary_Files-Location\" />. Do not use "
|
|
"<function>java.io.File.deleteOnExit()</function> to delete temporary files, "
|
|
"and do not register a shutdown hook for each temporary file you create. In "
|
|
"both cases, the deletion hint cannot be removed from the system if you "
|
|
"delete the temporary file prior to termination of the VM, causing a memory "
|
|
"leak."
|
|
msgstr ""
|
|
|
|
#. Tag: title
|
|
#, no-c-format
|
|
msgid "Temporary files without names"
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid ""
|
|
"The <function>tmpfile</function> function creates a temporary file and "
|
|
"immediately deletes it, while keeping the file open. As a result, the file "
|
|
"lacks a name and its space is deallocated as soon as the file descriptor is "
|
|
"closed (including the implicit close when the process terminates). This "
|
|
"avoids cluttering the temporary directory with orphaned files."
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid ""
|
|
"Alternatively, if the maximum size of the temporary file is known "
|
|
"beforehand, the <function>fmemopen</function> function can be used to create"
|
|
" a <literal>FILE *</literal> object which is backed by memory."
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid ""
|
|
"In Python, unnamed temporary files are provided by the "
|
|
"<literal>tempfile.TemporaryFile</literal> class, and the "
|
|
"<literal>tempfile.SpooledTemporaryFile</literal> class provides a way to "
|
|
"avoid creation of small temporary files."
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid "Java does not support unnamed temporary files."
|
|
msgstr ""
|
|
|
|
#. Tag: title
|
|
#, no-c-format
|
|
msgid "Temporary directories"
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid ""
|
|
"The <function>mkdtemp</function> function can be used to create a temporary "
|
|
"directory. (For determining the directory part of the file name pattern, see"
|
|
" <xref linkend=\"chap-Defensive_Coding-Tasks-Temporary_Files-Location\" />.)"
|
|
" The directory is not automatically removed. In Python, this function is "
|
|
"available as <function>tempfile.mkdtemp</function>. In Java 7, temporary "
|
|
"directories can be created using the "
|
|
"<function>java.nio.file.Files.createTempDirectory(Path, String, "
|
|
"FileAttribute...)</function> function."
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid ""
|
|
"When creating files in the temporary directory, use automatically generated "
|
|
"names, e.g., derived from a sequential counter. Files with externally "
|
|
"provided names could be picked up in unexpected contexts, and crafted names "
|
|
"could actually point outside of the tempoary directory (due to "
|
|
"<emphasis>directory traversal</emphasis>)."
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid ""
|
|
"Removing a directory tree in a completely safe manner is complicated. Unless"
|
|
" there are overriding performance concerns, the "
|
|
"<application>rm</application> program should be used, with the "
|
|
"<option>-rf</option> and <option>--</option> options."
|
|
msgstr ""
|
|
|
|
#. Tag: title
|
|
#, no-c-format
|
|
msgid "Compensating for unsafe file creation"
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid ""
|
|
"There are two ways to make a function or program which excepts a file name "
|
|
"safe for use with temporary files. See <xref linkend=\"sect-"
|
|
"Defensive_Coding-Tasks-Processes-Creation\" />, for details on subprocess "
|
|
"creation."
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid ""
|
|
"Create a temporary directory and place the file there. If possible, run the "
|
|
"program in a subprocess which uses the temporary directory as its current "
|
|
"directory, with a restricted environment. Use generated names for all files "
|
|
"in that temporary directory. (See <xref linkend=\"chap-Defensive_Coding-"
|
|
"Tasks-Temporary_Directory\" />.)"
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid ""
|
|
"Create the temporary file and pass the generated file name to the function "
|
|
"or program. This only works if the function or program can cope with a zero-"
|
|
"length existing file. It is safe only under additional assumptions:"
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid ""
|
|
"The function or program must not create additional files whose name is "
|
|
"derived from the specified file name or are otherwise predictable."
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid "The function or program must not delete the file before processing it."
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid "It must not access any existing files in the same directory."
|
|
msgstr ""
|
|
|
|
#. Tag: para
|
|
#, no-c-format
|
|
msgid ""
|
|
"It is often difficult to check whether these additional assumptions are "
|
|
"matched, therefore this approach is not recommended."
|
|
msgstr ""
|