fix insecure tempfiles

- modernizes all the tempfile code as well
author: Lamont Granquist <lamont@scriptkiddie.org> 2013-10-22 12:00:57 -0700
committer: Lamont Granquist <lamont@scriptkiddie.org> 2013-10-23 17:15:10 -0700
commit: 632b134e5bebe06acb91e03867eb453f05fe9c1b (patch)
tree: 391754df7ea378acc28c709aaf5c283bb1d6088f /lib/chef/knife/edit.rb
parent: 026c5ab32c2773d8a8a9bd9c318a6b21aac8f4fd (diff)
download: chef-632b134e5bebe06acb91e03867eb453f05fe9c1b.tar.gz
1 files changed, 3 insertions, 8 deletions
diff --git a/lib/chef/knife/edit.rb b/lib/chef/knife/edit.rb
index 830da84a12..442b0e08c2 100644
--- a/lib/chef/knife/edit.rb
+++ b/lib/chef/knife/edit.rb
@@ -51,10 +51,8 @@ class Chef
 
       def edit_text(text, extension)
         if (!config[:disable_editing])
-          file = Tempfile.new([ 'knife-edit-', extension ])
-          begin
+          Tempfile.new([ 'knife-edit-', extension ]) do |file|
             # Write the text to a temporary file
-            file.open
             file.write(text)
             file.close
 
@@ -63,12 +61,9 @@ class Chef
               raise "Please set EDITOR environment variable"
             end
 
-            file.open
-            result_text = file.read
-            return result_text if result_text != text
+            result_text = IO.read(file.path)
 
-          ensure
-            file.close!
+            return result_text if result_text != text
           end
         end
       end
author	Lamont Granquist <lamont@scriptkiddie.org>	2013-10-22 12:00:57 -0700
committer	Lamont Granquist <lamont@scriptkiddie.org>	2013-10-23 17:15:10 -0700
commit	632b134e5bebe06acb91e03867eb453f05fe9c1b (patch)
tree	391754df7ea378acc28c709aaf5c283bb1d6088f /lib/chef/knife/edit.rb
parent	026c5ab32c2773d8a8a9bd9c318a6b21aac8f4fd (diff)
download	chef-632b134e5bebe06acb91e03867eb453f05fe9c1b.tar.gz