Forum OpenACS Development: Re: AOLserver Security Audit

Posted by Tom Jackson on

A new version of ns_conn creates a list of files: ns_conn files. I think this is in 4.0. Since the code exists, it would be nice to use that method in the future, avoiding the hack of checking for query vars ending in .tmpfile. I seem to remember the query processing code being more efficient. The 3.4.2 version copied the query to a file and then parsed that file, creating new files for each file uploaded in the form. The new version goes directly from the posted data to the separate files, putting the filenames in the ns_conn.

My solution was to patch the C file and patch the form.tcl file, and Rob Mayoff suggested using a different C routine that creates a secure temp file (patching ns_tmpname?). OpenACS may turn out to be fairly easy to fix in any case, if most of the file uploads are handled through ad_page_contract.

Let me find the emails on the subject, and I'll post my version of the files for 3.4.2.