From 29dd6a7f8520a146f2f1ebeb3bdef695b8a49666 Mon Sep 17 00:00:00 2001
From: Richard Maw <richard.maw@codethink.co.uk>
Date: Mon, 9 Jun 2014 14:38:35 +0000
Subject: Use fd from mkstemp to create file object, rather than path

It's a shame to throw away the fd that ensures we aren't hit by a
symlink attack.
---
 system-version-manager/system-version-manager | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'system-version-manager/system-version-manager')

diff --git a/system-version-manager/system-version-manager b/system-version-manager/system-version-manager
index 659825f..64ca5a4 100755
--- a/system-version-manager/system-version-manager
+++ b/system-version-manager/system-version-manager
@@ -129,9 +129,8 @@ class SystemVersionManager(object):
         # Logic copied from morphlib.SaveFile to not create
         # a morphlib dependency.
         fd, temp_config = tempfile.mkstemp(dir=self.mount_dir)
-        os.close(fd)
         config = os.path.join(self.mount_dir, 'extlinux.conf')
-        with open(temp_config, 'w') as f:
+        with os.fdopen(fd, 'w') as f:
             f.write('default menu.c32\n')
             f.write('timeout 50\n')
             f.write('prompt 0\n')
-- 
cgit v1.2.1