Avoid usage of insecure mktemp() function
Bug #1348869 reported by
Nathan Kinder
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Object Storage (swift) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
The tempfile.mktemp() function has been deprecated since Python 2.3 due to security issues. There are more secure alternatives available, such as tempfile.
Swift is using tempfile.mktemp() in a few locations in the profiling middleware:
https:/
https:/
These should be modified to use a secure method of temporary file creation for security hardening reasons.
Changed in swift: | |
milestone: | none → 2.2.0-rc1 |
status: | Fix Committed → Fix Released |
Changed in swift: | |
milestone: | 2.2.0-rc1 → 2.2.0 |
To post a comment you must log in.
Change abandoned by Yuan Zhou (<email address hidden>) on branch: master /review. openstack. org/118084
Review: https:/