How to createTempFile on non FileSystem.SYSTEM

[yschimke]

FileSystem.SYSTEM_TEMPORARY_DIRECTORY exists, but not an equivalent of File.createTempFile.

Wondering whether this is in scope?

As is, I might need to check if FileSystem.SYSTEM is used and then call File.createTempFile, and in other cases just implement my own logic. It may make sense to always use "my own logic", but figured I'd ask.

Alternatively, a TempFilesystem with different characteristics (deletes?, in a safe directory for atomic moves?), that is an overlay on a base file system?

Please close if this is out of scope, it's a half formed thought at the moment.

[swankjesse]

There's a CVE on Guava cause they didn't lock down permissions on temp files. It wasn't a particularly useful attack, but it was particularly annoying because all supply chain tools insisted on upgrading Guava after it. (And Guava is also annoying to upgrade!)

So anything we do here should be defensive about that. Perhaps we should cover that in the FileSystem API always anyway? Just something that's at the top of my mind for temp files.

We also would benefit from an API like this in our own test suite!

Now... what does the API actually look like? I think probably we want to create a file with a random name and also toggle its permissions. I don't like deleteOnExit() because its best-effort and we can't do it on native or JS anyway.