← Back to branch summary

~ubuntu-branches/ubuntu/trusty/aptoncd/trusty

« back to all changes in this revision

Viewing changes to aptoncd.py

  • Committer: Bazaar Package Importer
  • Author(s): Chris Lamb
  • Date: 2008-09-09 01:01:52 UTC
  • Revision ID: james.westby@ubuntu.com-20080909010152-kr94qdqz8azrs4lp
Tags: 0.1-1.2
http://bugs.debian.org/496390
* Non-maintainer upload.
* Replace usage of hard-coded and predictable temporary directory names to
  prevent against symlink-based attacks. Based on a patch by Marcos Marado.
  (Closes: #496390)

Show diffs side-by-side

added added

removed removed

Lines of Context:
aptoncd.py
18
18
import RepDownload
19
19
import webbrowser
20
20
import sys
 
21
import tempfile
21
22
from mediaInfo import mediaInfo
22
23
from optparse import OptionParser
23
24
import msg
77
78
            isofile = filename[0]
78
79
            
79
80
            if os.path.isfile(isofile):
80
 
                fromPath = "/tmp/aptoncd-mnt-image/"
 
81
                fromPath = tempfile.mkdtemp()
81
82
                utils.mkdir(fromPath,True)
82
83
                
83
84
                command = "gksu --desktop /usr/share/applications/aptoncd.desktop 'mount -o loop %s %s'" % (isofile.replace(' ','\ '), fromPath.replace(' ','\ '))