From 27f376451958d51c1b0b8c8820fb2a85ef7ba4ce Mon Sep 17 00:00:00 2001
From: Josh Triplett
Date: Wed, 20 Jan 2021 11:24:47 -0800
Subject: [PATCH] Document security implications of std::env::temp_dir

Update the sample code to not create an insecure temporary file.
---
 library/std/src/env.rs | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/library/std/src/env.rs b/library/std/src/env.rs
index b0fceb9b2f669..9763a2da34151 100644
--- a/library/std/src/env.rs
+++ b/library/std/src/env.rs
@@ -561,6 +561,13 @@ pub fn home_dir() -> Option {
 
 /// Returns the path of a temporary directory.
 ///
+/// The temporary directory may be shared among users, or between processes
+/// with different privileges; thus, the creation of any files or directories
+/// in the temporary directory must use a secure method to create a uniquely
+/// named file. Creating a file or directory with a fixed or predictable name
+/// may result in "insecure temporary file" security vulnerabilities. Consider
+/// using a crate that securely creates temporary files or directories.
+///
 /// # Unix
 ///
 /// Returns the value of the `TMPDIR` environment variable if it is
@@ -580,14 +587,10 @@ pub fn home_dir() -> Option {
 ///
 /// ```no_run
 /// use std::env;
-/// use std::fs::File;
 ///
-/// fn main() -> std::io::Result<()> {
+/// fn main() {
 /// let mut dir = env::temp_dir();
-/// dir.push("foo.txt");
-///
-/// let f = File::create(dir)?;
-/// Ok(())
+/// println!("Temporary directory: {}", dir.display());
 /// }
 /// ```
 #[stable(feature = "env", since = "1.0.0")]
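Review bot: The added paragraph in the first hunk requires "a secure method" for creating files but names none, so a reader who cannot add a crate is left without a safe default. One more `///` sentence could point at `std::fs::OpenOptions::create_new`, which fails instead of opening a file or symlink that already exists, and say it should be combined with an unpredictable name. The `# Unix` context lines show the path is taken from `TMPDIR`, so the paragraph could also say that the directory itself is chosen by the process environment and should not be assumed private or trustworthy by a program running with more privilege than whoever set that variable. The doc comment continues outside the hunk, so the Windows section may need the same caveat.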
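Review bot: In the second hunk the rewritten example keeps `let mut dir = env::temp_dir();`, but the only call that mutated the binding, `dir.push("foo.txt")`, is removed and the remaining use is `dir.display()`. The line should become `let dir = env::temp_dir();` so the sample does not carry an unused `mut`. Since the example no longer creates a file, the `no_run` marker on the code fence is probably no longer needed either; that is worth confirming against how the doctests are run.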