[1.8.x] Discouraged use of /tmp with predictable names.

The use of predictable filenames in /tmp often leads to symlink attacks
so remove the most obvious use of them in the docs.

Backport of 77b8d8cb6d from master
This commit is contained in:
Chris Lamb 2015-12-23 17:08:40 +00:00 committed by Tim Graham
parent 464128eb4e
commit 91d46d2fb8
6 changed files with 7 additions and 7 deletions

View File

@ -163,7 +163,7 @@ class FileDescriptor(object):
Assigns a file object on assignment so you can do::
>>> with open('/tmp/hello.world', 'r') as f:
>>> with open('/path/to/hello.world', 'r') as f:
... instance.file = File(f)
"""

View File

@ -95,7 +95,7 @@ Here's how this might look in a fabfile::
from fabric.contrib import project
# Where the static files get collected locally. Your STATIC_ROOT setting.
env.local_static_root = '/tmp/static'
env.local_static_root = '/path/to/static'
# Where the static files should go remotely
env.remote_static_root = '/home/www/static.example.com'

View File

@ -2588,7 +2588,7 @@ support the \fBstdout\fP and \fBstderr\fP options. For example, you could write:
.sp
.nf
.ft C
with open(\(aq/tmp/command_output\(aq) as f:
with open(\(aq/path/to/command_output\(aq) as f:
management.call_command(\(aqdumpdata\(aq, stdout=f)
.ft P
.fi

View File

@ -1963,5 +1963,5 @@ Output redirection
Note that you can redirect standard output and error streams as all commands
support the ``stdout`` and ``stderr`` options. For example, you could write::
with open('/tmp/command_output') as f:
with open('/path/to/command_output') as f:
management.call_command('dumpdata', stdout=f)

View File

@ -778,7 +778,7 @@ Python file object like this::
from django.core.files import File
# Open an existing file using Python's built-in open()
f = open('/tmp/hello.world')
f = open('/path/to/hello.world')
myfile = File(f)
Or you can construct one from a Python string like this::

View File

@ -91,7 +91,7 @@ using a Python built-in ``file`` object::
>>> from django.core.files import File
# Create a Python file object using open()
>>> f = open('/tmp/hello.world', 'w')
>>> f = open('/path/to/hello.world', 'w')
>>> myfile = File(f)
Now you can use any of the documented attributes and methods
@ -103,7 +103,7 @@ The following approach may be used to close files automatically::
>>> from django.core.files import File
# Create a Python file object using open() and the with statement
>>> with open('/tmp/hello.world', 'w') as f:
>>> with open('/path/to/hello.world', 'w') as f:
... myfile = File(f)
... myfile.write('Hello World')
...