From 4f9553f7ea4ca9d9166980384669c451b74cd019 Mon Sep 17 00:00:00 2001
From: tobi-wan-kenobi <tobi-wan-kenobi@users.noreply.github.com>
Date: Fri, 11 Feb 2022 13:44:10 +0100
Subject: [PATCH] [modules/rss] fix insecure use of tempfile

fixes #850
---
 bumblebee_status/modules/contrib/rss.py | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/bumblebee_status/modules/contrib/rss.py b/bumblebee_status/modules/contrib/rss.py
index 7b8c032..7824e2e 100644
--- a/bumblebee_status/modules/contrib/rss.py
+++ b/bumblebee_status/modules/contrib/rss.py
@@ -55,7 +55,7 @@ class Module(core.module.Module):
 
         self._state = []
 
-        self._newspaper_filename = tempfile.mktemp(".html")
+        self._newspaper_file = tempfile.NamedTemporaryFile(mode="w", suffix=".html")
 
         self._last_refresh = 0
         self._last_update = 0
@@ -308,10 +308,11 @@ class Module(core.module.Module):
 
         while newspaper_items:
             content += self._create_news_section(newspaper_items)
-        open(self._newspaper_filename, "w").write(
+        self._newspaper_file.write(
             HTML_TEMPLATE.replace("[[CONTENT]]", content)
         )
-        webbrowser.open("file://" + self._newspaper_filename)
+        self._newspaper_file.flush()
+        webbrowser.open("file://" + self._newspaper_file.name)
         self._update_history("newspaper")
         self._save_history()