From: Michael Tremer <michael.tremer@ipfire.org>
Date: Tue, 3 Apr 2012 17:30:37 +0000 (+0200)
Subject: Replace unsecure tmpfile creation.
X-Git-Tag: 0.9.22~29
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0184de6e9cd31ed14abbb918f4de6d3fe726d9c6;p=pakfire.git

Replace unsecure tmpfile creation.
---

diff --git a/python/pakfire/builder.py b/python/pakfire/builder.py
index 40218bf56..6008d66f7 100644
--- a/python/pakfire/builder.py
+++ b/python/pakfire/builder.py
@@ -26,6 +26,7 @@ import os
 import re
 import shutil
 import socket
+import tempfile
 import time
 import uuid
 
@@ -922,18 +923,6 @@ class Builder(object):
 			"LANG"             : "C",
 		}
 
-	def mktemp(self):
-		"""
-			Create a temporary file in the build environment.
-		"""
-		file = "/tmp/pakfire_%s" % util.random_string()
-
-		# Touch the file.
-		f = open(file, "w")
-		f.close()
-
-		return file
-
 	@property
 	def buildroot(self):
 		return self.pkg.buildroot
@@ -1015,22 +1004,22 @@ class Builder(object):
 				self._environ["ICECC_VERSION"] = "/tmp/%s" % m.group(1)
 
 	def create_buildscript(self, stage):
-		file = "/tmp/build_%s" % util.random_string()
-
 		# Get buildscript from the package.
 		script = self.pkg.get_buildscript(stage)
 
 		# Write script to an empty file.
-		f = open(file, "w")
+		f = tempfile.NamedTemporaryFile(mode="w", delete=False)
 		f.write("#!/bin/sh\n\n")
 		f.write("set -e\n")
 		f.write("set -x\n")
 		f.write("\n%s\n" % script)
 		f.write("exit 0\n")
 		f.close()
-		os.chmod(file, 700)
 
-		return file
+		# Make the script executable.
+		os.chmod(f.name, 700)
+
+		return f.name
 
 	def build(self):
 		# Create buildroot and remove all content if it was existant.