Refactor: Path.GetTempFileName() is considered insecure in certain scenarios #23037
Conversation
|
Hey there @guilhermelinosp! Thank you so much for your PR! Someone from the team will get assigned to your PR shortly and we'll get it reviewed. |
|
Why are you creating so many PRs and closing them immediately? :) |
|
I changed the branch name and the PR closed, then I opened it again |
PureWeen
added
the
area-drawing
| _tempFilePath = Path.GetTempFileName(); | ||
| _tempFilePath = Path.GetRandomFileName(); |
There was a problem hiding this comment.
Can you share a link discussing GetTempFileName()? The one I found was:
I actually don't think this code is correct, as GetTempFileName() returns a full path and you have to use Path.Combine(Path.GetTempPath(), Path.GetRandomFileName()) otherwise.
Did you also check the entire codebase? I find it hard to believe this was used in one place.
There was a problem hiding this comment.
If we really want to "ban" GetTempFileName() we could also list it here:
And anyone would get a build error if they used it in a non-test project.
|
Can you also open an issue in the dotnet runtime repo? Rather that working around the few case maui has, the whole dotnet system should either fix or avoid it. |
|
Closing this for the time being. Please raise an issue/discussion addressing @jonathanpeppers questions and then we can get a PR reviewed and merged |
Description of Change
Replaced
Path.GetTempFileName()withPath.GetRandomFileName()to prevent insecure temporary file creation, mitigating race condition issues and enhancing security.Use
Path.GetRandomFileName()and manually create the file securely, ensuring atomic creation with non-predictable names. This mitigates the risk of race conditions and unauthorized access.Issues Fixed