Eliminate possible insecure usage of temp file/directory

This patch is a fix for the issue B108: hardcoded_tmp_directory found by bandit scanner. The main reasoning for that is the need for safely creating a temporary file or directory. Change-Id: I4277e9196b9b707b83bb298faeccb59f07d6f10b Related-Bug: #1759250
2018-04-24 17:04:15 +04:00 · 2018-04-24 17:04:15 +04:00 · f6b0f7635c
parent ea89748b0e
commit f6b0f7635c
2 changed files with 2 additions and 3 deletions
--- a/neutron/agent/linux/keepalived.py
+++ b/neutron/agent/linux/keepalived.py
@ -366,7 +366,7 @@ class KeepalivedManager(object):

    """

-    def __init__(self, resource_id, config, process_monitor, conf_path='/tmp',
+    def __init__(self, resource_id, config, process_monitor, conf_path,
                 namespace=None, throttle_restart_value=None):
        self.resource_id = resource_id
        self.config = config
--- a/tox.ini
+++ b/tox.ini
@ -165,11 +165,10 @@ local-check-factory = neutron.hacking.checks.factory

 [testenv:bandit]
 # B104: Possible binding to all interfaces
-# B108: Probable insecure usage of temp file/directory
 # B111: Execute with run_as_root=True identified, possible security issue
 # B311: Standard pseudo-random generators are not suitable for security/cryptographic purpose
 deps = -r{toxinidir}/test-requirements.txt
-commands = bandit -r neutron -x tests -n5 -s B104,B108,B111,B311
+commands = bandit -r neutron -x tests -n5 -s B104,B111,B311

 [testenv:bashate]
 commands = bash -c "find {toxinidir}             \