I want to make a small program which uses a local namespace socket, and I will need to use a temporary file name as the address of the socket.

So how do I generate a random file name under Linux?

+ I'm using the C programming language under Debian Linux.
+ According to the GNU C Library Reference, tmpnam is not safe. But the safe ones, tmpfile and mkstemp, create and open the generated file. Is there any safe, non-create-and-open alternative to this? In other words, the function should forbid any other request to create the generated file name under a specific directory.

Thanks.

A: 

In C, there is mktemp, and tmpnam, but these are not considered secure.

Kinopiko
`mktemp` is also contra-indicated, as on some unixes it could have as few as 26 (!) possible results. It also leaves a race which can lead to a security hole - an attacker can guess what your filename will be and create a symlink from there to a file to overwrite. You should use `mkstemp` or `mkdtemp` instead - these atomically create the file or directory for you.
bdonlan
Thanks for your comments. I've altered this to community wiki so please feel free to downvote it as a bad practice.
Kinopiko
A: 

You didn't specify the language you are using, but assuming it is a C/C++ dialect (or some other language with access to the C runtime library), you could use the tmpnam function.

There are some issues with tmpnam, the most serious of which is probably that the temporary file name you get back isn't actually "locked" until you use it to create a file, so theoretically some other process could create the file out from under you. You also have to make absolutely sure the buffer you pass tmpnam has enough space to hold the longest path your OS can support.

These days it is recommended that you call tmpfile instead. This will create the file for you in one (hopefully atomic) operation, and give you back a file handle. Another nice benefit is that the file is deleted for you automatically when you close it. No muss, no fuss.

Gene Goykhman
`tmpfile` returns a `FILE *`, not a path - not much help when the OP wants to open a unix domain socket.
bdonlan
+1  A: 

There is /bin/mktemp which is available as part of GNU coreutils. See its manpage for details.

sanmai
+2  A: 

If you're doing this in C, use mkdtemp to create a directory, and put your socket inside this directory.

Other functions such as tmpnam or mktemp are insecure; since they don't create and open the temp file for you, it's easy to be vulnerable to following a pre-existing symlink (placed by an attacker who guessed your temp filename) to some important file (like /etc/passwd), overwriting it.

Note that there's no way to 'lock' a path - all you can do is create something there. If you need to put a socket there eventually, using a directory as a placeholder is your best bet.

bdonlan
You shouldn't be creating important files in a directory that isn't secured with permissions or ACLs. Your comment that an attacker can symlink the file you're trying to create is irrelevant unless you're trying to create it in an insecure area (in which case you would deserve everything you get).
paxdiablo
`/tmp` is secure enough if you create the directory or file safely - that is, create the file with `O_EXCL|O_NOFOLLOW`, and a umask that will prevent other users from accessing the file, being prepared to retry with a different filename if you fail. `mkdtemp()` takes care of this for you. So it's about the safest you can get without specific knowledge of the runtime environment.
bdonlan
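
The `mkdtemp` approach from the answer above, as an added example that is not part of the original thread: a private directory is created atomically and the Unix domain socket is bound inside it. The names `mysock.XXXXXX`, `sock`, `bind_private_socket` and `cleanup_private_socket` are assumptions chosen for illustration.

```c
#define _POSIX_C_SOURCE 200809L   /* for mkdtemp() */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/un.h>

/* Create a private directory with mkdtemp() and bind a listening socket in it.
 * Returns the fd and fills dir/addr, or -1. Path names here are assumed. */
int bind_private_socket(char *dir, size_t dirlen, struct sockaddr_un *addr)
{
    const char *base = getenv("TMPDIR");
    if (base == NULL || *base == '\0') base = "/tmp";
    int n = snprintf(dir, dirlen, "%s/mysock.XXXXXX", base);
    if (n < 0 || (size_t)n >= dirlen || mkdtemp(dir) == NULL)
        return -1;                      /* mkdtemp creates the dir atomically */
    memset(addr, 0, sizeof *addr);
    addr->sun_family = AF_UNIX;
    n = snprintf(addr->sun_path, sizeof addr->sun_path, "%s/sock", dir);
    int fd = -1;
    if (n >= 0 && (size_t)n < sizeof addr->sun_path)
        fd = socket(AF_UNIX, SOCK_STREAM, 0);
    if (fd >= 0 && bind(fd, (struct sockaddr *)addr, sizeof *addr) == 0) {
        if (listen(fd, 5) == 0)
            return fd;
        unlink(addr->sun_path);         /* bound but cannot listen */
    }
    if (fd >= 0) close(fd);
    rmdir(dir);
    return -1;
}

/* Close the socket, then remove the socket file and its directory. */
int cleanup_private_socket(int fd, const char *dir, const struct sockaddr_un *addr)
{
    close(fd);
    return (unlink(addr->sun_path) == 0 && rmdir(dir) == 0) ? 0 : -1;
}

int main(void)
{
    char dir[64]; struct sockaddr_un addr;
    int fd = bind_private_socket(dir, sizeof dir, &addr);
    if (fd < 0) { perror("bind_private_socket"); return 1; }
    printf("listening on %s\n", addr.sun_path);
    return cleanup_private_socket(fd, dir, &addr) == 0 ? 0 : 1;
}
```

Because only the owner can enter the directory, no other user can create or replace the `sock` entry between `mkdtemp` and `bind`.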
A: 

Play with /dev/random.

A quick search on Google gave me this hit:

    < /dev/urandom tr -dc A-Za-z0-9 | head -c8

If you would like to do the same in C, just open /dev/random and convert it into a string (ignore non valid chars).

Johan