mirrors/deluge
1
0
Fork 0
mirror of https://git.deluge-torrent.org/deluge synced 2025-04-20 11:35:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix #2112 : World readable tmp directory in json_api

Browse source
This commit is contained in:
baconseed 2012-09-29 17:01:28 +01:00 committed by Calum Lind
parent 43390b850a
commit bb7b529c29
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
deluge/ui/web/json_api.py
View file

@ -664,7 +664,8 @@ class WebApi(JSONComponent):
log.error("Reason: %s", result.getErrorMessage())
return result
tmp_file = os.path.join(tempfile.gettempdir(), url.split("/")[-1])
tempdir = tempfile.mkdtemp(prefix="delugeweb-")
tmp_file = os.path.join(tempdir, url.split("/")[-1])
log.debug("filename: %s", tmp_file)
headers = {}
if cookie: