[3.14] gh-137335: remove a mktemp use in multiprocessing.connection to avoid security...
authorMiss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
Wed, 15 Apr 2026 00:06:25 +0000 (02:06 +0200)
committerGitHub <noreply@github.com>
Wed, 15 Apr 2026 00:06:25 +0000 (17:06 -0700)
gh-137335: remove a mktemp use in multiprocessing.connection to avoid security scanner noise (GH-148578)

remove a mktemp use to avoid security scanner noise
(cherry picked from commit fd81246bd55e4fab1976a7cca3e5d42582dbdac0)

Co-authored-by: Gregory P. Smith <68491+gpshead@users.noreply.github.com>
Lib/multiprocessing/connection.py

index a6e1b0c786284bcea0a60f1c00cfc0ceadd60220..f577186e91b0d4b9fb3196f19c2d42ca6ceadcdc 100644 (file)
@@ -16,7 +16,6 @@ import os
 import sys
 import socket
 import struct
-import tempfile
 import time
 
 
@@ -77,7 +76,11 @@ def arbitrary_address(family):
     if family == 'AF_INET':
         return ('localhost', 0)
     elif family == 'AF_UNIX':
-        return tempfile.mktemp(prefix='sock-', dir=util.get_temp_dir())
+        # NOTE: util.get_temp_dir() is a 0o700 per-process directory. A
+        # mktemp-style ToC vs ToU concern is not important; bind() surfaces
+        # the extremely unlikely collision as EADDRINUSE.
+        return os.path.join(util.get_temp_dir(),
+                            f'sock-{os.urandom(6).hex()}')
     elif family == 'AF_PIPE':
         return (r'\\.\pipe\pyc-%d-%d-%s' %
                 (os.getpid(), next(_mmap_counter), os.urandom(8).hex()))
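Review bot: The NOTE comment above the new `os.path.join` call in the `AF_UNIX` branch uses the non-standard spelling "ToC vs ToU" and asserts the 0o700 property of the directory without pointing at where that is enforced, which is exactly the fact a future reader (or the next security scanner triage) needs to verify. Suggested wording: `# NOTE: util.get_temp_dir() creates a 0o700 per-process directory (see util.get_temp_dir), so a mktemp-style TOCTOU race on this name is not a concern here; bind() surfaces the (extremely unlikely) name collision as EADDRINUSE.` The `AF_PIPE` branch below draws its suffix from `os.urandom(8).hex()`, so it may be worth a one-line note on why `AF_UNIX` uses 6 bytes (presumably to keep the path short for `sun_path` limits — confirm), or using the same width in both branches for consistency. `arbitrary_address` both starts and ends outside this hunk.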