vhost-user-test uses getpid to create a unique filename. This name is
predictable, and a security problem. Instead, use a tmp directory
created by mkdtemp, which is a suggested best practice.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
root = tmpfs;
}
- socket_path = g_strdup_printf("/tmp/vhost-%d.sock", getpid());
+ socket_path = g_strdup_printf("%s/vhost.sock", tmpfs);
/* create char dev and add read handlers */
qemu_add_opts(&qemu_chardev_opts);