[m-rev.] for review: Improve Mercury's temporary files and directories predicates.

Peter Wang novalazy at gmail.com
Wed Apr 13 14:29:06 AEST 2016

Previous message: [m-rev.] for review: Improve Mercury's temporary files and directories predicates.
Next message: [m-rev.] diff: better error messages for arg type/mode errors
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 13 Apr 2016 13:34:11 +1000, Paul Bone <paul at bone.id.au> wrote:
> For review by anyone.
> 
> I don't really know C# and have even less knowledge of Erlang.  I've not
> implemented these for the Erlang backend and a reviewer may wish to
> scrutinze the C# code in particular.
> 
> Thanks.
> 
> ---
> 
> Improve Mercury's temporary files and directories predicates.
> 
>  + Add support for retriving the system/user's temporary directory.
>  + Add support for creating temporary directories.
> 
> library/io.m:
>     Add temp_directory/3

get_temp_directory seems to fit the rest of io.m better.

> diff --git a/library/io.m b/library/io.m
> index b685315..3195532 100644
> --- a/library/io.m
> +++ b/library/io.m
> @@ -1312,8 +1312,65 @@
>      % It is the responsibility of the program to delete the file when it is
>      % no longer needed.
>      %
> -    % The file will reside in an implementation-dependent directory.
> -    % For current Mercury implementations, it is determined as follows:
> +    % The file is placed in the directory returned by temp_directory/3.
> +    %
> +    % This is insecure on the Erlang backend, file permissions are not set
> +    % properly.
> +    %
> +:- pred make_temp(string::out, io::di, io::uo) is det.
> +
> +    % make_temp(Dir, Prefix, Name, !IO) creates an empty file whose
> +    % name is different to the name of any existing file. The file will reside
> +    % in the directory specified by `Dir' and will have a prefix using up to
> +    % the first 5 characters of `Prefix'. Name is bound to the name of the
> +    % file. It is the responsibility of the program to delete the file
> +    % when it is no longer needed.
> +    %
> +    % The C# backend has the following limitations:
> +    %   + Dir is ignored.
> +    %   + Prefix is ignored.
> +    %
> +    % This is insecure on the Erlang backend, file permissions are not set
> +    % properly.
> +    %
> +:- pred make_temp(string::in, string::in, string::out, io::di, io::uo)
> +    is det.
> +

The documentation more commonly uses hyphens for bullets.

I don't like "insecure" as it implies that everything else is somehow
"secure".  Some would consider the entire make_temp interface "insecure"
as it returns a filename instead of an open file descriptor.  The
non-mkstemp C implementation produces highly guessable paths, too.

"properly" is too vague.  Please state exactly what it does wrong,
e.g. the temporary file is not created with mode 0600.

Peter

Previous message: [m-rev.] for review: Improve Mercury's temporary files and directories predicates.
Next message: [m-rev.] diff: better error messages for arg type/mode errors
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the reviews mailing list