> - if filename:
> - tmp = "tmp=%s" % utils.ShellQuote(filename)
> - else:
> - tmp = ('tmp=$(mktemp --tmpdir gnt.XXXXXX) && '
> - 'chmod %o "${tmp}"') % mode
> - cmd = ("%s && "
> - "[[ -f \"${tmp}\" ]] && "
> - "cat > \"${tmp}\" && "
> - "echo \"${tmp}\"") % tmp
> -
> - p = subprocess.Popen(GetSSHCommand(node, cmd), shell=False,
> - stdin=subprocess.PIPE, stdout=subprocess.PIPE)
> + if not filename:
> + # pylint: disable=E0602
> + r = ''.join(random.choice(string.ascii_letters) for i in range(6))
> + filename = "/tmp/gnt.%s" % r
Why replace the safe tmpdir generation by mktemp by a less safe hand-grown
solution?
--
Klaus Aehlig
Google Germany GmbH, Dienerstr. 12, 80331 Muenchen
Registergericht und -nummer: Hamburg, HRB 86891
Sitz der Gesellschaft: Hamburg
Geschaeftsfuehrer: Matthew Scott Sucherman, Paul Terence Manicle
