[OE-core] [PATCH] patch.bbclass: increase security
Enrico Scholz
enrico.scholz at sigma-chemnitz.de
Fri Sep 14 14:18:50 UTC 2012
Constantin Musca
<constantinx.musca-ral2JQCrhuEAvxtiuMwx3w at public.gmane.org> writes:
> + process_tmpdir = tempfile.mkdtemp(prefix=str(os.getpid()))
fwiw, prefix is usually something which identifies the origin of the
tempfile. getpid() does not make much sense here; it might be better to
use something like 'bitbake-patch' or so.
> if os.path.exists(process_tmpdir):
this will trigger everytime becuase 'mkdtemp()' creates the directory.
> + bb.utils.remove(process_tmpdir, True)
this lowers the just gained security... :(
> os.makedirs(process_tmpdir)
not needed
---> a plain
| process_tmpdir = tempfile.mkdtemp()
| os.environ['TMPDIR'] = process_tmpdir
suffices (add a custom prefix when you really want it).
Enrico
--
SIGMA Chemnitz GmbH Registergericht: Amtsgericht Chemnitz HRB 1750
Am Erlenwald 13 Geschaeftsfuehrer: Grit Freitag, Frank Pyritz
09128 Chemnitz
More information about the Openembedded-core
mailing list