mirror of https://github.com/zulip/zulip.git
ff1622afcf
Although mktemp is deprecated due to security issues, this is not a security issue. The security problems with mktemp happen when you open the resulting filename (without O_EXCL) in a publicly writable directory, because then someone else might have predicted the filename and created or symlinked or hardlinked something there between the mktemp and the open, causing you to write to a file you didn’t expect. Here we don’t open the resulting filename, we symlink to it. symlink will refuse to clobber an existing file, and we handle the error that arises from this case. This is the normal way to atomically create a symlink. We should still replace mktemp because it’s deprecated, but we can’t replace it with a function that creates the temporary file. Instead we build a random filename ourselves. Signed-off-by: Anders Kaseorg <anders@zulip.com> |
||
|---|---|---|
| .. | ||
| third | ||
| __init__.py | ||
| build-pgroonga | ||
| certbot-maybe-renew | ||
| check_rabbitmq_queue.py | ||
| clean-unused-caches | ||
| clean_emoji_cache.py | ||
| clean_node_cache.py | ||
| clean_venv_cache.py | ||
| create-production-venv | ||
| create-thumbor-venv | ||
| email-mirror-postfix | ||
| hash_reqs.py | ||
| install | ||
| install-node | ||
| node_cache.py | ||
| pythonrc.py | ||
| queue_workers.py | ||
| setup-apt-repo | ||
| setup-apt-repo-debathena | ||
| setup-yum-repo | ||
| setup_path.py | ||
| setup_venv.py | ||
| sharding.py | ||
| unpack-zulip | ||
| upgrade-zulip | ||
| upgrade-zulip-from-git | ||
| upgrade-zulip-stage-2 | ||
| zulip_tools.py | ||