SDL_filesystem: get temporary folder

[madebr]

Would it make sense to get the system-dependent temporary folder using the SDL_filesystem api? Or do we then also need to think about the bigger picture, and provide SDL alternatives of mkstemp and family?

These folder categories currently exist: https://github.com/libsdl-org/SDL/blob/16ff7503b7baac7f92f2274d73cca944f0a97337/include/SDL3/SDL_filesystem.h#L166-L192

[Semphriss]

I planned to keep SDL_Folder and SDL_GetUserFolder for folders that are managed by the user and whose path depend on the users' preferences and other settings; I describe it with more detail in https://github.com/libsdl-org/SDL/issues/9538#issuecomment-2071222957, https://github.com/libsdl-org/SDL/issues/8051 and https://github.com/libsdl-org/SDL/pull/7665#discussion_r1185376811.

In short: I wanted to "do one thing and do it well". The function is meant to return folders that are under the user's control like "My Stuff", and I preferred to keep folders that would need further OS- or app-dependant treatment (like mktemp, the Trash folder, AppData or the OS readonly font folder) for different functions. My linked comments go more in detail.

I'd support adding other OS-specific folders, but I would encourage writing their own functions for them, since each of them would need some special functionality and may require additional parameters (Trash folder needs to remember the files' original locations, mktemp has code to generate a safe temp folder, etc).

---

Assuming we decide to stick to my vision of things, @slouken should I rename the SDL_Folder enum to SDL_UserFolder?

[madebr]

My current use case for getting a temporary path is for testing redirection of process stdin/stdout/stderr to/from a file.

[Semphriss]

Should an eventual SDL_CreateTempFile/Folder return a path or an IOStream object? The latter would reduce the chances of timing attacks in cases where the contents of the temp file are sensitive.

[slouken]

It should return an IOStream object, though we should probably add a file path property.

[Semphriss]

I believe I read that some systems can create temporary files that don't have path equivalents, only file descriptors, but now I can't find those functions anymore so I'm not sure if it's relevant to mention them.

[slouken]

I believe I read that some systems can create temporary files that don't have path equivalents, only file descriptors, but now I can't find those functions anymore so I'm not sure if it's relevant to mention them.

I think you're thinking of mkstemp: https://man7.org/linux/man-pages/man3/mkstemp.3.html

[Semphriss]

mkstemp creates a file that has a path equivalent, which is formatted according to its only argument (most commonly something like /tmp/tmp.XXXXXX). I'm thinking of a function that creates a file that does not have any path, e. g. cannot be accessed by any path.

[slouken]

Ah, gotcha.

[Semphriss]

After some more research, it appears that tmpfile most closely approaches what I think I saw, except that the docs directly mention the filename. I distinctly remember one where it was an extra security feature that the file didn't have a name at all, and was accessible only through its file descriptor.

No matter what terms I search for, I cannot find anything about such a function. If I trust my usual luck, I will find nothing, start thinking I've hallucinated that function, and give up, and the moment the API is settled on beyond any further modification, I'll finally find it.

[NekkoDroid]

You might be thinking of memfd_create https://man7.org/linux/man-pages/man2/memfd_create.2.html

[v1993]

There's also O_TMPFILE flag for open on Linux: https://man7.org/linux/man-pages/man2/open.2.html; a major difference from memfd_create is that the resulting descriptor is backed by file system rather than memory. It's used by tmpfile on Linux under the hood, see: https://github.com/bminor/glibc/blob/751a5502bea1d13551c62c47bb9bd25bff870cda/stdio-common/tmpfile.c#L46 and https://github.com/bminor/glibc/blob/751a5502bea1d13551c62c47bb9bd25bff870cda/sysdeps/unix/sysv/linux/gentempfd.c#L27-L28.