[OE-core] [PATCH] patch.bbclass: increase security
Constantin Musca
constantinx.musca at intel.com
Fri Sep 14 13:51:59 UTC 2012
On 09/14/2012 05:18 PM, Enrico Scholz wrote:
>
> Constantin Musca
> <constantinx.musca-ral2JQCrhuEAvxtiuMwx3w at public.gmane.org> writes:
>
>> + process_tmpdir = tempfile.mkdtemp(prefix=str(os.getpid()))
> fwiw, prefix is usually something which identifies the origin of the
> tempfile. getpid() does not make much sense here; it might be better to
> use something like 'bitbake-patch' or so.
>
>
>> if os.path.exists(process_tmpdir):
> this will trigger everytime becuase 'mkdtemp()' creates the directory.
>
>> + bb.utils.remove(process_tmpdir, True)
> this lowers the just gained security... :(
>
>
>> os.makedirs(process_tmpdir)
> not needed
>
>
> ---> a plain
>
> | process_tmpdir = tempfile.mkdtemp()
> | os.environ['TMPDIR'] = process_tmpdir
>
> suffices (add a custom prefix when you really want it).
>
>
>
> Enrico
Is it ok now ? ([PATCH v2] patch.bbclass: increase security)
Constantin
More information about the Openembedded-core
mailing list