Issue #12362 has been updated by Daniel Pittman. Status changed from In Topic Branch Pending Review to Merged - Pending Release Target version changed from 1.6.x to 1.6.6
---------------------------------------- Bug #12362: Don't rely on TMP environment variables during installation https://projects.puppetlabs.com/issues/12362 Author: Josh Cooper Status: Merged - Pending Release Priority: Normal Assignee: Josh Cooper Category: installation Target version: 1.6.6 Keywords: Branch: https://github.com/puppetlabs/facter/pull/163 Affected Facter version: 1.6.5 Facter's install.rb script currently uses ENV['TMP'], ENV['TEMP'], /tmp, etc as the temp directory search path, using the first one that exists. It then creates temp files using predictable file names within the directory, which are copied into ruby's bin directory, and .bat files on Windows. This isn't secure as the files are predictable. Also in non-interactive shells, TMP and TEMP are often not defined, for example when installing facter during an acceptance test run. As a result, facter falls back to /tmp, but that doesn't work when installing on Windows agents (during an acceptance test). Since we're in ruby, we should just use Tempfile -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
