RepoMirrors/ceph
1
0
Fork 0
mirror of https://github.com/ceph/ceph synced 2025-03-11 02:39:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

misc: Use tempfile.mkstemp() instead of tempnam

Browse Source 
tempnam() is considered an unsafe security risk because the filename
generated is easy to guess and can be symlinked in advance.  Use
mkstemp() instead.

Signed-off-by: Sam Lang <sam.lang@inktank.com>
Reviewed-by: Joe Buck <jbbuck@gmail.com>
This commit is contained in:
Sam Lang 2013-04-12 15:52:47 -05:00
parent 35e6db72a1
commit 3b0d91533e
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
teuthology/misc.py
View File

@ -399,7 +399,7 @@ def remove_lines_from_file(remote, path, line_is_valid_test, string_to_test_for)
move_file(remote, temp_file_path, path) move_file(remote, temp_file_path, path)
def append_lines_to_file(remote, path, lines, sudo=False): def append_lines_to_file(remote, path, lines, sudo=False):
temp_file_path = get_remote_tempnam(remote) temp_file_path = remote_mktemp(remote)
data = get_file(remote, path, sudo) data = get_file(remote, path, sudo)
@ -413,14 +413,14 @@ def append_lines_to_file(remote, path, lines, sudo=False):
# then do a 'mv' to the actual file location # then do a 'mv' to the actual file location
move_file(remote, temp_file_path, path) move_file(remote, temp_file_path, path)
def get_remote_tempnam(remote, sudo=False): def remote_mktemp(remote, sudo=False):
args = [] args = []
if sudo: if sudo:
args.append('sudo') args.append('sudo')
args.extend([ args.extend([
'python', 'python',
'-c', '-c',
'import os; print os.tempnam()' 'import os; import tempfile; (fd,fname) = tempfile.mkstemp(); fd.close(); print fname.rstrip()'
]) ])
proc = remote.run( proc = remote.run(
args=args, args=args,