On 09/14/2012 05:18 PM, Enrico Scholz wrote:
Constantin Musca
<constantinx.musca-ral2jqcrhueavxtiumw...@public.gmane.org> writes:
+ process_tmpdir = tempfile.mkdtemp(prefix=str(os.getpid()))
fwiw, prefix is usually something which identifies the origin of the
tempfile. getpid() does not make much sense here; it might be better to
use something like 'bitbake-patch' or so.
if os.path.exists(process_tmpdir):
this will trigger everytime becuase 'mkdtemp()' creates the directory.
+ bb.utils.remove(process_tmpdir, True)
this lowers the just gained security... :(
os.makedirs(process_tmpdir)
not needed
---> a plain
| process_tmpdir = tempfile.mkdtemp()
| os.environ['TMPDIR'] = process_tmpdir
suffices (add a custom prefix when you really want it).
Enrico
Is it ok now ? ([PATCH v2] patch.bbclass: increase security)
Constantin
_______________________________________________
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
