Comment 2 for bug 667896

Btw, having predictable filenames in /tmp/ can be *really* bad.

Attack vector: Mallory links /tmp/pithos.debug.log to ~/.gnupg/secring.gpg. If Pithos doesn't do a lot of checking, it'll overwrite your secret key on start.

I'd use tempfile.mkstemp(prefix="pithos-debug-", suffix=".log"), or store logs in a subdirectory of ~.