
    >/i                         S r SSKrSSKJr  SSKJr  S r\R                  \R                  " S5      \R                  " S5      S 5       5       5       r
g)	a_  
===================================================
B108: Test for insecure usage of tmp file/directory
===================================================

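Safely creating a temporary file or directory means following a number of rules
(see the references for more details); in Python, the `tempfile` module (for
example `tempfile.mkstemp` or `tempfile.TemporaryDirectory`) is the usual way
to follow them. This plugin test looks for string literals that start with one
of a configurable set of commonly used temporary paths, for example: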

 - /tmp
 - /var/tmp
 - /dev/shm

**Config Options:**

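This test plugin takes a similarly named config block,
`hardcoded_tmp_directory`. The config block provides a Python list, `tmp_dirs`,
that lists string fragments indicating possible temporary file paths. Any
string starting with one of these fragments is reported as a MEDIUM severity,
MEDIUM confidence issue. The match is a plain prefix test on the string value,
so it fires regardless of how the string is used afterwards (a string such as
`/tmpfoo` also matches `/tmp`), and findings need manual triage. If `tmp_dirs`
is not configured, the default list shown below is used.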

.. code-block:: yaml

    hardcoded_tmp_directory:
        tmp_dirs: ['/tmp', '/var/tmp', '/dev/shm']


:Example:

.. code-block:: none

    >> Issue: Probable insecure usage of temp file/directory.
       Severity: Medium   Confidence: Medium
       CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
       Location: ./examples/hardcoded-tmp.py:1
    1 f = open('/tmp/abc', 'w')
    2 f.write('def')

.. seealso::

 - https://security.openstack.org/guidelines/dg_using-temporary-files-securely.html
 - https://cwe.mitre.org/data/definitions/377.html

.. versionadded:: 0.9.0

.. versionchanged:: 1.7.3
    CWE information added

    N)issue)test_propertiesc                     U S:X  a  S/ SQ0$ g )Nhardcoded_tmp_directorytmp_dirsz/tmpz/var/tmpz/dev/shm )names    ^/home/james-whalen/.local/lib/python3.13/site-packages/bandit/plugins/general_hardcoded_tmp.py
gen_configr   ;   s    ((<== )    StrB108c                    ^  Ub  SU;   a  US   nO/ SQn[        U 4S jU 5       5      (       aK  [        R                  " [        R                  [        R                  [        R
                  R                  SS9$ g )Nr   r   c              3   Z   >#    U  H   nTR                   R                  U5      v   M"     g 7f)N)
string_val
startswith).0scontexts     r   	<genexpr>*hardcoded_tmp_directory.<locals>.<genexpr>I   s%     
>X7((++Xs   (+z/Probable insecure usage of temp file/directory.)severity
confidencecwetext)anybanditIssueMEDIUMr   CweINSECURE_TEMP_FILE)r   configr   s   `  r   r   r   @   sf     jF2*%3

>X
>>>||]]}}		,,B	
 	
 ?r   )__doc__r   bandit.corer   r   testr   takes_configcheckstest_idr   r	   r   r   <module>r*      sW   
0b   />
 Uf
   
r   