How can you create a temporary FIFO (named pipe) in Python? This should work:
import tempfile temp_file_name = mktemp() os.mkfifo(temp_file_name) open(temp_file_name, os.O_WRONLY) # ... some process, somewhere, will read it ...
However, I'm hesitant because of the big warning in Python Docs 11.6 and potential removal because it's deprecated.
EDIT: It's noteworthy that I've tried tempfile.NamedTemporaryFile
(and by extension tempfile.mkstemp
), but os.mkfifo
throws:
OSError -17: File already exists
when you run it on the files that mkstemp/NamedTemporaryFile have created.
To create a FIFO(named pipe) and use it in Python, you can use the os. mkfifo(). But mkfifo fails with File exists exception if file already exists. In order to avoid that, you can put it in a try-except block.
The named pipe is created with the mkfifo system call. A named pipe is much like a traditional pipe, created with the pipe system call. However, while pipe provides access via two file descriptors, the named pipe is accessed via the filesystem at a path. #include <sys/types.
mkfifo() creates a new FIFO special file, pathname. The file permission bits in mode are changed by the file creation mask of the process, and then used to set the file permission bits of the FIFO file being created. If pathname contains a symbolic link, mkfifo() fails.
os.mkfifo()
will fail with exception OSError: [Errno 17] File exists
if the file already exists, so there is no security issue here. The security issue with using tempfile.mktemp()
is the race condition where it is possible for an attacker to create a file with the same name before you open it yourself, but since os.mkfifo()
fails if the file already exists this is not a problem.
However, since mktemp()
is deprecated you shouldn't use it. You can use tempfile.mkdtemp()
instead:
import os, tempfile tmpdir = tempfile.mkdtemp() filename = os.path.join(tmpdir, 'myfifo') print filename try: os.mkfifo(filename) except OSError, e: print "Failed to create FIFO: %s" % e else: fifo = open(filename, 'w') # write stuff to fifo print >> fifo, "hello" fifo.close() os.remove(filename) os.rmdir(tmpdir)
EDIT: I should make it clear that, just because the mktemp()
vulnerability is averted by this, there are still the other usual security issues that need to be considered; e.g. an attacker could create the fifo (if they had suitable permissions) before your program did which could cause your program to crash if errors/exceptions are not properly handled.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With