Code to more securely create anonymous temp files on Linux

2023-01-26 11:34:46 +05:30 · 2023-01-26 11:34:46 +05:30 · 4185e30d73
commit 4185e30d73
parent 3a126ffa9d
2 changed files with 64 additions and 0 deletions
--- a/tools/utils/tmpfile_linux.go
+++ b/tools/utils/tmpfile_linux.go
@ -0,0 +1,39 @@
+//go:build linux
+
+// License: GPLv3 Copyright: 2023, Kovid Goyal, <kovid at kovidgoyal.net>
+package utils
+
+import (
+	"fmt"
+	"os"
+	"strconv"
+
+	"golang.org/x/sys/unix"
+)
+
+var _ = fmt.Print
+
+func CreateAnonymousTemp(dir string) (*os.File, error) {
+	if dir == "" {
+		dir = os.TempDir()
+	}
+	fd, err := unix.Open(dir, unix.O_RDWR|unix.O_TMPFILE|unix.O_CLOEXEC, 0600)
+
+	if err == nil {
+		path := "/proc/self/fd/" + strconv.FormatUint(uint64(fd), 10)
+		return os.NewFile(uintptr(fd), path), nil
+	}
+	if err == unix.ENOENT {
+		return nil, err
+	}
+	f, err := os.CreateTemp(dir, "")
+	if err != nil {
+		return nil, err
+	}
+	err = os.Remove(f.Name())
+	if err != nil {
+		f.Close()
+		return nil, err
+	}
+	return f, err
+}
--- a/tools/utils/tmpfile_others.go
+++ b/tools/utils/tmpfile_others.go
@ -0,0 +1,25 @@
+//go:build !linux
+
+// License: GPLv3 Copyright: 2023, Kovid Goyal, <kovid at kovidgoyal.net>
+
+package utils
+
+import (
+	"fmt"
+	"os"
+)
+
+var _ = fmt.Print
+
+func CreateAnonymousTemp(dir string) (*os.File, error) {
+	f, err := os.CreateTemp(dir, "")
+	if err != nil {
+		return nil, err
+	}
+	err = os.Remove(f.Name())
+	if err != nil {
+		f.Close()
+		return nil, err
+	}
+	return f, err
+}