Directories should be locked

[bugdea1er]

To prevent deletion from another program and the same vulnerability we prevented in #165, the temporary directory should be locked to prevent an attacker from replacing its path with a symlink

• NTFS supports atomic mandatory locking when using CreateFile
• Some Linux systems support mandatory locking for tmpfs
• At the very least, advisory locking should be added to all systems, as discussed here

[bugdea1er]

When opening a directory for locking, signal handling should also be considered

Example for POSIX systems (source):

sigfillset(&set);
(void)_sigprocmask(SIG_BLOCK, &set, &oset);
<…>;
(void)_sigprocmask(SIG_SETMASK, &oset, NULL);

Example for Windows systems can be found here