Python temp files

Recently I was wondering how to properly manage temporary files in Python. I've been sort of abusing a home grown and imperfect solution (it worked) and I was doing it again. Using tempfile was one alternative, but I'd seen the comment on mktemp() (don't trust it) which was how I'd wound up where I was.

The ActiveState Python Cookbook has a pretty good discussion. The best solution (the one I'd use if I were working on a server application instead of a bunch of development tools that access our provisioning and authentication APIs) seems to be subProcess.py by Pádraig Brady.

For a basic script, the simple tempfile idiom recommended by Tobias Polzin in save_popen2 seems reasonable after looking at the code for mktemp() (in tempfile.py) but there's a huge hole there if you're squirting around confidential data on an ongoing basis. It lays claim to a filename that doesn't exist, without actually creating it, leaving you open to more than one thread (or application for that matter) claiming the same file. The mkstemp() function might be a better idea (at least it grabs the file) but because it is set to self destruct, that's a problem if the file is passed to a process (or internal call) that closes it. That's the situation I'm in right now.

I learned a lot this past week (while on vacation?) and finally started digging around in the core Python library code. I was hoping to find a better situation but I've been disappointed with how hard it is to do well in every language I've ever used, no surprises here. You're on your own when it comes to launching external processes and managing the basic pipes that are the lifeblood of modern stitched together apps.