diff options
Diffstat (limited to 'usr.bin/mktemp/mktemp.1')
-rw-r--r-- | usr.bin/mktemp/mktemp.1 | 30 |
1 files changed, 20 insertions, 10 deletions
diff --git a/usr.bin/mktemp/mktemp.1 b/usr.bin/mktemp/mktemp.1 index 684db7a..a21d79c 100644 --- a/usr.bin/mktemp/mktemp.1 +++ b/usr.bin/mktemp/mktemp.1 @@ -54,8 +54,10 @@ The .Nm utility takes each of the given file name templates and overwrites a -portion of it to create a file name. This file name is unique -and suitable for use by the application. The template may be +portion of it to create a file name. +This file name is unique +and suitable for use by the application. +The template may be any file name with some number of .Ql X Ns s appended @@ -110,12 +112,16 @@ The .Nm utility is provided to allow shell scripts to safely use temporary files. Traditionally, many shell scripts take the name of the program with -the pid as a suffix and use that as a temporary file name. This +the pid as a suffix and use that as a temporary file name. +This kind of naming scheme is predictable and the race condition it creates -is easy for an attacker to win. A safer, though still inferior, approach -is to make a temporary directory using the same naming scheme. While +is easy for an attacker to win. +A safer, though still inferior, approach +is to make a temporary directory using the same naming scheme. +While this does allow one to guarantee that a temporary file will not be -subverted, it still allows a simple denial of service attack. For these +subverted, it still allows a simple denial of service attack. +For these reasons it is suggested that .Nm be used instead. @@ -125,7 +131,8 @@ The available options are as follows: .It Fl d Make a directory instead of a file. .It Fl q -Fail silently if an error occurs. This is useful if +Fail silently if an error occurs. +This is useful if a script does not want error output to go to standard error. .It Fl t Ar prefix Generate a template (using the supplied @@ -136,11 +143,14 @@ if set) to create a filename template. .It Fl u Operate in .Dq unsafe -mode. The temp file will be unlinked before +mode. +The temp file will be unlinked before .Nm -exits. This is slightly better than +exits. +This is slightly better than .Xr mktemp 3 -but still introduces a race condition. Use of this +but still introduces a race condition. +Use of this option is not encouraged. .El .Sh DIAGNOSTICS |