id,summary,reporter,owner,description,type,status,component,version,severity,resolution,keywords,cc,stage,has_patch,needs_docs,needs_tests,needs_better_patch,easy,ui_ux 15768,The setUp() method FileStorageTests in tests/regressiontests/file_storage/tests.py uses tempfile.mktemp(),d1b,elbarto,"The {{{tempfile.mktemp()}}} function is deprecated and the documentation warns that the ""Use of this function may introduce a security hole in your program"" - see http://docs.python.org/library/tempfile.html#tempfile.mktemp for more information. The {{{setUp()}}} method {{{FileStorageTests}}} in tests/regressiontests/file_storage/tests.py uses {{{tempfile.mktemp()}}} in creating a temporary directory. The temporary directory is then deleted during {{{tearDown()}}}: {{{ #!python class FileStorageTests(unittest.TestCase): storage_class = FileSystemStorage def setUp(self): self.temp_dir = tempfile.mktemp() os.makedirs(self.temp_dir) self.storage = self.storage_class(location=self.temp_dir, base_url='/test_media_url/') def tearDown(self): shutil.rmtree(self.temp_dir) }}} This seems like a mistake because other classes such as {{{FileSaveRaceConditionTest}}} use {{{tempfile.mkdtemp()}}}. {{{tempfile.mkdtemp}}} is a safer way of creating a temporary directory. Something like the following (_NOTE_: I haven't tested this) could be a 'fix'. {{{ - self.temp_dir = tempfile.mktemp() - os.makedirs(self.temp_dir) + self.temp_dir = tempfile.mkdtemp() }}} ",Cleanup/optimization,closed,Testing framework,dev,Normal,fixed,,,Ready for checkin,1,0,0,0,0,0