From 591788403a49a6f506ba67e130973fc89e1dea3e Mon Sep 17 00:00:00 2001 From: Andrey Antukh Date: Fri, 25 Oct 2024 14:23:27 +0200 Subject: [PATCH] :sparkles: Add safer mechanism for tempfile naming Using a uuidv8 that has strong guarranties about councurrent ids generation that a simple random long --- backend/src/app/storage/tmp.clj | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/backend/src/app/storage/tmp.clj b/backend/src/app/storage/tmp.clj index 92cda29eb..376c6ae8b 100644 --- a/backend/src/app/storage/tmp.clj +++ b/backend/src/app/storage/tmp.clj @@ -11,13 +11,16 @@ permanently delete these files (look at systemd-tempfiles)." (:require [app.common.logging :as l] + [app.common.uuid :as uuid] [app.util.time :as dt] [app.worker :as wrk] [clojure.spec.alpha :as s] [datoteka.fs :as fs] [integrant.core :as ig] [promesa.exec :as px] - [promesa.exec.csp :as sp])) + [promesa.exec.csp :as sp]) + (:import + java.nio.file.Files)) (def default-tmp-dir "/tmp/penpot") @@ -76,11 +79,9 @@ [& {:keys [suffix prefix min-age] :or {prefix "penpot." suffix ".tmp"}}] - (let [path (fs/create-tempfile - :perms "rw-r--r--" - :dir default-tmp-dir - :suffix suffix - :prefix prefix)] + (let [attrs (fs/make-permissions "rw-r--r--") + path (fs/join default-tmp-dir (str prefix (uuid/next) suffix)) + path (Files/createFile path attrs)] (fs/delete-on-exit! path) (sp/offer! queue [path (some-> min-age dt/duration)]) path))