Temporary files: permissions and clean up

Description

When exporting from the account info window to OpenOffice (or Excel) iDempiere creates a temporary file in /tmp. This file is world readable (may be a security leak on multi user systems like terminal servers) and this file is never deleted (this is very annoying on a long running system like a terminal server).

The solution for the first part could be to change permissions (better, but I do not know yet how the Java API allows that for different platform filesystems) or to use a private tmp directory for all temporary files iDempiere creates.

The solution for the second part is to call File.deleteOnExit().

Issues of this kind may be in much more parts of the code. I we agree how we do it we should research more to find them.

Is there anybody using Windows and/or Mac willing to assist?

Environment

Linux

Activity

Show:
Thomas Bayen
February 7, 2013, 6:45 AM

Please see this code for my proposal how to deal with this:

https://bitbucket.org/tbayen/idempiere/commits/63d5c75fb705a9631ff4386cc77ef9468c0de677

An alternative would be to create a idempiere-specific (and perhaps user-specific) temporary directory inside of /tmp/ and set the system property "java.io.tmpdir".

WDYT?

I definitely will not test this on windows. Can someone help?

Thomas Bayen
December 18, 2013, 2:20 PM

We talked about this in the today meeting. The security issue is not a big issue in most environments. The problem of the uncleaned tmp directory is not best solved with deleteOnExit(). This uses Java resources and does not work if the JVM is killed for some reason: servers are often killed, memory leaks, etc. It is also not a good solution for long running servers. So this is mostly a swing issue.

A better solution is to clean the tmp directory from outside via cron. I give some links from the meeting here for help:

Thomas Bayen
December 18, 2013, 2:21 PM

Workaround with cron is a better solution.

Assignee

Thomas Bayen

Reporter

Thomas Bayen

Tested By

None

Components

Affects versions

Priority

Minor
Configure