Insecure temp file usage in vanilla plugin

OSSA?

We issue OSSAs only if the issue is present in a supported release. The first supported release of Sahara will be Juno.

So if this is fixed before Juno release (which I recommend), no OSSA is needed.

If this slips in the release and gets fixed after, then OSSA it will be.

@Sergey: any chance you could fix that before rc1 ? If you're reasonably sure, it may make sense to make that bug public so that you can post public review.

According to https://wiki.openstack.org/wiki/Security_supported_projects the VMT only covers Sahara starting with the upcoming Juno release, so unless this bug survives into 2014.2 and is fixed in the stable/juno afterward we would not issue an OSSA for fixes to older Sahara releases. The Sahara developers are free to produce an advisory of their own for Icehouse and earlier releases, however.

I think it should be fixed in Juno 100%, so, I'm opening this bug and removing OSSA from affected projects.

Fix proposed to branch: master
Review: https://review.openstack.org/123286

Reviewed: https://review.openstack.org/123286
Committed: https://git.openstack.org/cgit/openstack/sahara/commit/?id=38ff65d9b08b38a1516a1a3adaab86d3c318fe6b
Submitter: Jenkins
Branch: master

commit 38ff65d9b08b38a1516a1a3adaab86d3c318fe6b
Author: Andrew Lazarev <email address hidden>
Date: Mon Sep 22 16:53:36 2014 -0700

    [Vanilla] Increased security of temporary files for db

    * changed location of files from /tmp to ~
    * added code to remove file after use
    * refactored code to have all actions with files in one place

    Things that can be improved
    * remove code duplication around db actions

    Change-Id: I44657ae9331d4369e667c5dbc0d0f383b9b49cd5
    Closes-Bug: #1370298