[OE-core] [PATCH] patch.bbclass: Use one TMPDIR per patching process
Enrico Scholz
enrico.scholz at sigma-chemnitz.de
Fri Sep 14 11:28:31 UTC 2012
Constantin Musca
<constantinx.musca-ral2JQCrhuEAvxtiuMwx3w at public.gmane.org> writes:
> + process_tmpdir = os.path.join('/tmp', str(os.getpid()))
> + if os.path.exists(process_tmpdir):
> + shutil.rmtree(process_tmpdir)
> + os.makedirs(process_tmpdir)
ooohhhh... this violates trivial rules regarding secure generation of
tempfiles. Better use 'mkdtemp()' from the 'tempfile' module.
Enrico
More information about the Openembedded-core
mailing list