Issue #12363 has been reported by Josh Cooper. ---------------------------------------- Bug #12363: Don't rely on TMP environment variables during installation https://projects.puppetlabs.com/issues/12363
Author: Josh Cooper Status: Accepted Priority: Normal Assignee: Josh Cooper Category: installation Target version: 2.7.x Affected Puppet version: 2.7.10 Keywords: Branch: Puppet's install.rb script currently uses ENV['TMP'], ENV['TEMP'], /tmp, etc as the temp directory search path, using the first one that exists. It then creates temp files using predictable file names within the directory, which are copied into ruby's bin directory, and .bat files on Windows. This isn't secure as the files are predictable. Also in non-interactive shells, TMP and TEMP are often not defined, for example when installing puppet during an acceptance test run. As a result, puppet falls back to /tmp, but that doesn't work when installing on Windows agents (during an acceptance test). Since we're in ruby, we should just use Tempfile -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
