From: Skip Montanaro <skip@pobox.com>
Date: Sat, 18 Aug 2001 18:52:10 +0000 (+0000)
Subject: added warnings about security risk of using tmpnam and tempnam
X-Git-Tag: v2.2a3~442
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=95618b5bc98ca9f30ed9dd2e4382fd737bbbbc6c;p=python

added warnings about security risk of using tmpnam and tempnam
---

diff --git a/Modules/posixmodule.c b/Modules/posixmodule.c
index 0f4148b041..403bae1486 100644
--- a/Modules/posixmodule.c
+++ b/Modules/posixmodule.c
@@ -4211,6 +4211,11 @@ posix_tempnam(PyObject *self, PyObject *args)
 
     if (!PyArg_ParseTuple(args, "|zz:tempnam", &dir, &pfx))
         return NULL;
+
+    if (PyErr_Warn(PyExc_RuntimeWarning,
+		  "tempnam is a potential security risk to your program") < 0)
+	    return NULL;
+
 #ifdef MS_WIN32
     name = _tempnam(dir, pfx);
 #else
@@ -4258,6 +4263,11 @@ posix_tmpnam(PyObject *self, PyObject *args)
 
     if (!PyArg_ParseTuple(args, ":tmpnam"))
         return NULL;
+
+    if (PyErr_Warn(PyExc_RuntimeWarning,
+		  "tmpnam is a potential security risk to your program") < 0)
+	    return NULL;
+
 #ifdef USE_TMPNAM_R
     name = tmpnam_r(buffer);
 #else