From 133f409f77ab799534cfb8412f45de1d0e89c7cc Mon Sep 17 00:00:00 2001
From: Tracker-Friendly <jliwin98@danwin1210.de>
Date: Thu, 16 Nov 2023 07:50:35 +0000
Subject: [PATCH] Moved all password-related stuff to a tmp folder you can bind
 to tmpfs

---
 app.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/app.py b/app.py
index 59d6fdc..29ce668 100644
--- a/app.py
+++ b/app.py
@@ -14,17 +14,17 @@ def create_email_account(username, password):
     if password and is_valid_input(username):
         try:
 
-            with open("password.tmp", "w") as file:
+            with open("tmp/password.tmp", "w") as file:
                 file.write(password)
 
             # Use echo to securely pass the password to the command
-            cmd = ["cat", "password.tmp", "|", "doas", "-u", "maddy", "maddy", "creds", "create", f"{username}@hectabit.org"]
+            cmd = ["cat", "tmp/password.tmp", "|", "doas", "-u", "maddy", "maddy", "creds", "create", f"{username}@hectabit.org"]
             result = subprocess.run(" ".join(cmd), shell=True, check=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
 
             cmd2 = ["doas", "-u", "maddy", "maddy", "imap-acct", "create", f"{username}@hectabit.org"]
             result2 = subprocess.run(" ".join(cmd2), shell=True, check=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
 
-            os.remove("password.tmp")
+            os.remove("tmp/password.tmp")
 
             if result.returncode == 0 and result2.returncode == 0:
                 # Command executed successfully