== Using the tempfile module to get temporary files

Courtesy of [[Planet Python http://www.planetpython.org/]], I stumbled
over Peter Bengtsson's [[puzzlement
http://www.peterbe.com/plog/tempfile]] with Python's [[tempfile module
http://www.python.org/doc/current/lib/module-tempfile.html]],
especially the _mkstemp()_ function. It's an understandable
puzzlement, because what's going on is fairly tied to Unix semantics
(although Python supports _mkstemp()_ on all platforms).

The tempfile module's _mkstemp()_ is a relatively thin shim over the
Unix _mkstemp(3)_ library routine, which exists to securely create
temporary files. This is more difficult than it looks; there are all
sorts of race conditions, which can lead to security problems.

~~Update~~: I'm completely wrong here. Python's _mkstemp()_ doesn't
call _mkstemp(3)_; instead it (re)implements the general algorithm
and interface. This means that _mkstemp()_ doesn't automatically
use any special or necessary tricks done in your platform C library
_mkstemp(3)_.

Many of these issues are ultimately caused by the difference between
file names and files. Put crudely, people exploit the race conditions
by changing what file a given file name points to (there are a number
of ways to do this). _mkstemp(3)_ takes steps to guarantee that the
*file* it creates is a new temporary file, but it cannot be absolutely
sure that the file name will continue to point to it, so it returns
the file (as well as the name).

Because this is Unix, the file is returned in the form of a file
descriptor, which the [[os module
http://www.python.org/doc/current/lib/module-os.html]] deals with.
The best way to do anything with this is to turn it into a Python file
object with _os.fdopen()_. Sample code is:

>  import os, tempfile
>  def filetemp():
>    (fd, fname) = tempfile.mkstemp()
>    return (os.fdopen(fd, "w+b"), fname)

This is more or less what the [[tempfile module]]'s _TemporaryFile_
class does to return a file-like object. (They are real file objects
on Unix but wrapped objects on other platforms.)

(The OpenBSD [[mkstemp(3)
http://www.openbsd.org/cgi-bin/man.cgi?query=mkstemp&sektion=3&arch=i386&apropos=0&manpath=OpenBSD+Current]]
manpage has some additional information and commentary that may be
useful.)