| author | Josh Triplett <josh@joshtriplett.org> | 2021-01-20 11:24:47 -0800 |
|---|---|---|
| committer | Josh Triplett <josh@joshtriplett.org> | 2021-01-20 11:24:47 -0800 |
| commit | 27f376451958d51c1b0b8c8820fb2a85ef7ba4ce (patch) | |
| tree | db941119d6f2846fc83336eac08932b8ada0ad16 | |
| parent | a4cbb44ae2c80545db957763b502dc7f6ea22085 (diff) | |
Document security implications of std::env::temp_dir
Update the sample code to not create an insecure temporary file.
| -rw-r--r-- | library/std/src/env.rs | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/library/std/src/env.rs b/library/std/src/env.rs
index b0fceb9b2f6..9763a2da341 100644
--- a/library/std/src/env.rs
+++ b/library/std/src/env.rs
@@ -561,6 +561,13 @@ pub fn home_dir() -> Option<PathBuf> {
 
 /// Returns the path of a temporary directory.
 ///
+/// The temporary directory may be shared among users, or between processes
+/// with different privileges; thus, the creation of any files or directories
+/// in the temporary directory must use a secure method to create a uniquely
+/// named file. Creating a file or directory with a fixed or predictable name
+/// may result in "insecure temporary file" security vulnerabilities. Consider
+/// using a crate that securely creates temporary files or directories.
+///
 /// # Unix
 ///
 /// Returns the value of the `TMPDIR` environment variable if it is
@@ -580,14 +587,10 @@ pub fn home_dir() -> Option<PathBuf> {
 ///
 /// ```no_run
 /// use std::env;
-/// use std::fs::File;
 ///
-/// fn main() -> std::io::Result<()> {
+/// fn main() {
 /// let mut dir = env::temp_dir();
-/// dir.push("foo.txt");
-///
-/// let f = File::create(dir)?;
-/// Ok(())
+/// println!("Temporary directory: {}", dir.display());
 /// }
 /// ```
 #[stable(feature = "env", since = "1.0.0")] |
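Review bot: The paragraph added to the `temp_dir` docs in the first hunk asks for "a secure method" but never says what property makes creation secure. A reader can still pick a random-looking name and open it with `File::create`, which opens and truncates whatever already exists at that path. I would add one sentence naming the property, for example `/// In particular, creation should fail if the path already exists, as with std::fs::OpenOptions::create_new.` The phrase "uniquely named file" could also read "uniquely named file or directory" to match the first half of the same sentence. The doc comment and the function it documents continue outside this hunk.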
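Review bot: In the second hunk's example, `let mut dir = env::temp_dir();` keeps `mut` even though the `dir.push("foo.txt")` call that needed it is removed. The sample now only reads `dir`, so anyone copying it into their own code gets an `unused_mut` warning; `let dir = env::temp_dir();` is enough. The example is otherwise complete within the hunk, while the `temp_dir` signature and body lie outside it.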
