diff options
author | Richard Maw <richard.maw@codethink.co.uk> | 2014-06-09 14:38:35 +0000 |
---|---|---|
committer | Richard Maw <richard.maw@codethink.co.uk> | 2014-06-16 14:33:44 +0000 |
commit | 29dd6a7f8520a146f2f1ebeb3bdef695b8a49666 (patch) | |
tree | ba52a7276fe3f71857bf3ef7bc867c3d8002655e | |
parent | 0e989d48df03e450d74e35e32651917b41f67675 (diff) | |
download | tbdiff-29dd6a7f8520a146f2f1ebeb3bdef695b8a49666.tar.gz |
Use fd from mkstemp to create file object, rather than path
It's a shame to throw away the fd that ensures we aren't hit by a
symlink attack.
-rwxr-xr-x | system-version-manager/system-version-manager | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/system-version-manager/system-version-manager b/system-version-manager/system-version-manager index 659825f..64ca5a4 100755 --- a/system-version-manager/system-version-manager +++ b/system-version-manager/system-version-manager @@ -129,9 +129,8 @@ class SystemVersionManager(object): # Logic copied from morphlib.SaveFile to not create # a morphlib dependency. fd, temp_config = tempfile.mkstemp(dir=self.mount_dir) - os.close(fd) config = os.path.join(self.mount_dir, 'extlinux.conf') - with open(temp_config, 'w') as f: + with os.fdopen(fd, 'w') as f: f.write('default menu.c32\n') f.write('timeout 50\n') f.write('prompt 0\n') |