Eliminate possible insecure usage of temp file/directory
This patch is a fix for the issue B108: hardcoded_tmp_directory found by bandit scanner. The main reasoning for that is the need for safely creating a temporary file or directory. Change-Id: I4277e9196b9b707b83bb298faeccb59f07d6f10b Related-Bug: #1759250
This commit is contained in:
parent
ea89748b0e
commit
f6b0f7635c
@ -366,7 +366,7 @@ class KeepalivedManager(object):
|
|||||||
|
|
||||||
"""
|
"""
|
||||||
|
|
||||||
def __init__(self, resource_id, config, process_monitor, conf_path='/tmp',
|
def __init__(self, resource_id, config, process_monitor, conf_path,
|
||||||
namespace=None, throttle_restart_value=None):
|
namespace=None, throttle_restart_value=None):
|
||||||
self.resource_id = resource_id
|
self.resource_id = resource_id
|
||||||
self.config = config
|
self.config = config
|
||||||
|
3
tox.ini
3
tox.ini
@ -165,11 +165,10 @@ local-check-factory = neutron.hacking.checks.factory
|
|||||||
|
|
||||||
[testenv:bandit]
|
[testenv:bandit]
|
||||||
# B104: Possible binding to all interfaces
|
# B104: Possible binding to all interfaces
|
||||||
# B108: Probable insecure usage of temp file/directory
|
|
||||||
# B111: Execute with run_as_root=True identified, possible security issue
|
# B111: Execute with run_as_root=True identified, possible security issue
|
||||||
# B311: Standard pseudo-random generators are not suitable for security/cryptographic purpose
|
# B311: Standard pseudo-random generators are not suitable for security/cryptographic purpose
|
||||||
deps = -r{toxinidir}/test-requirements.txt
|
deps = -r{toxinidir}/test-requirements.txt
|
||||||
commands = bandit -r neutron -x tests -n5 -s B104,B108,B111,B311
|
commands = bandit -r neutron -x tests -n5 -s B104,B111,B311
|
||||||
|
|
||||||
[testenv:bashate]
|
[testenv:bashate]
|
||||||
commands = bash -c "find {toxinidir} \
|
commands = bash -c "find {toxinidir} \
|
||||||
|
Loading…
Reference in New Issue
Block a user