tempnam
detected BAN-B325
def tar_something():
    """Sample function from the analyzed file (listing lines 107-112).

    The os.tempnam() call below is the occurrence reported as BAN-B325.
    """
    # Private ssl helper; the returned context is not used in this excerpt.
    context = ssl._create_stdlib_context()
    # Reported call: os.tempnam() only produces a path name and creates
    # nothing, so the name can be claimed by someone else before it is used.
    # The return value is discarded here.
    os.tempnam("dir1")
    # shell=True hands the string to a shell, which expands "*" to whatever
    # file names are present in the working directory.
    subprocess.Popen("/bin/chown *", shell=True)
    # NOTE(review): `o` is not defined in this excerpt - presumably an
    # alias for os; confirm against the full file.
    o.system("/bin/tar xvzf *")
    # Argument-list form: no shell is involved in this call.
    subprocess.run(["clear"])
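Use of `os.tempnam()` and `os.tmpnam()` is vulnerable to symlink attacks: both only return a path name, and the file is created later by a separate call, so another local user can place a symlink at that path in between. Consider using `tmpfile()` instead, which creates and opens the file in one step. Note that `os.tempnam()`, `os.tmpnam()` and `os.tmpfile()` exist only in Python 2; on Python 3 use the `tempfile` module (`tempfile.mkstemp()`, `tempfile.NamedTemporaryFile()` or `tempfile.TemporaryFile()`).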
# Bad practice: this is the pattern the check reports.
import os
# os.tmpnam() returns a path name only; no file exists at this point.
filename = os.tmpnam()
# The file is created here, in a separate step. open(..., 'w') follows
# symlinks, so a link placed at `filename` in the meantime redirects the write.
with open(filename, 'w') as f:
    # Do things with the file object
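import tempfile

# Recommended: let the library create and open the temporary file in a single
# step, so there is never a guessable path that another user can claim first.
# tempfile.TemporaryFile() replaces os.tmpfile(), which exists only on
# Python 2 and raises AttributeError on Python 3. Both open the file in
# binary read/write mode and remove it once it is closed.
with tempfile.TemporaryFile() as f:
    # Do things with the file object
    pass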