[1.9.x] Discouraged use of /tmp with predictable names.

The use of predictable filenames in /tmp often leads to symlink attacks
so remove the most obvious use of them in the docs.

Backport of 77b8d8cb6d6d6345f479c68c4892291c1492ba7e from master

6 files changed, 7 insertions, 7 deletions

diff --git a/django/db/models/fields/files.py b/django/db/models/fields/files.py
index 760c17b001..c64752b165 100644
--- a/django/db/models/fields/files.py
+++ b/django/db/models/fields/files.py
@@ -163,7 +163,7 @@ class FileDescriptor(object):
 
     Assigns a file object on assignment so you can do::
 
-        >>> with open('/tmp/hello.world', 'r') as f:
+        >>> with open('/path/to/hello.world', 'r') as f:
         ...     instance.file = File(f)
     """
     def __init__(self, field):
diff --git a/docs/howto/static-files/deployment.txt b/docs/howto/static-files/deployment.txt
index 396c8c85c0..da0427343e 100644
--- a/docs/howto/static-files/deployment.txt
+++ b/docs/howto/static-files/deployment.txt
@@ -95,7 +95,7 @@ Here's how this might look in a fabfile::
     from fabric.contrib import project
 
     # Where the static files get collected locally. Your STATIC_ROOT setting.
-    env.local_static_root = '/tmp/static'
+    env.local_static_root = '/path/to/static'
 
     # Where the static files should go remotely
     env.remote_static_root = '/home/www/static.example.com'
diff --git a/docs/man/django-admin.1 b/docs/man/django-admin.1
index a93f504acc..ce0e4c8c89 100644
--- a/docs/man/django-admin.1
+++ b/docs/man/django-admin.1
@@ -2417,7 +2417,7 @@ support the \fBstdout\fP and \fBstderr\fP options. For example, you could write:
 .sp
 .nf
 .ft C
-with open(\(aq/tmp/command_output\(aq) as f:
+with open(\(aq/path/to/command_output\(aq) as f:
     management.call_command(\(aqdumpdata\(aq, stdout=f)
 .ft P
 .fi
diff --git a/docs/ref/django-admin.txt b/docs/ref/django-admin.txt
index 9e1441dde3..159d169d11 100644
--- a/docs/ref/django-admin.txt
+++ b/docs/ref/django-admin.txt
@@ -1799,5 +1799,5 @@ Output redirection
 Note that you can redirect standard output and error streams as all commands
 support the ``stdout`` and ``stderr`` options. For example, you could write::
 
-    with open('/tmp/command_output') as f:
+    with open('/path/to/command_output') as f:
         management.call_command('dumpdata', stdout=f)
diff --git a/docs/ref/models/fields.txt b/docs/ref/models/fields.txt
index 79c66e696b..fa8eb51ddf 100644
--- a/docs/ref/models/fields.txt
+++ b/docs/ref/models/fields.txt
@@ -795,7 +795,7 @@ Python file object like this::
 
     from django.core.files import File
     # Open an existing file using Python's built-in open()
-    f = open('/tmp/hello.world')
+    f = open('/path/to/hello.world')
     myfile = File(f)
 
 Or you can construct one from a Python string like this::
diff --git a/docs/topics/files.txt b/docs/topics/files.txt
index ce8a5c75a0..81b82e3d73 100644
--- a/docs/topics/files.txt
+++ b/docs/topics/files.txt
@@ -91,7 +91,7 @@ using a Python built-in ``file`` object::
     >>> from django.core.files import File
 
     # Create a Python file object using open()
-    >>> f = open('/tmp/hello.world', 'w')
+    >>> f = open('/path/to/hello.world', 'w')
     >>> myfile = File(f)
 
 Now you can use any of the documented attributes and methods
@@ -103,7 +103,7 @@ The following approach may be used to close files automatically::
     >>> from django.core.files import File
 
     # Create a Python file object using open() and the with statement
-    >>> with open('/tmp/hello.world', 'w') as f:
+    >>> with open('/path/to/hello.world', 'w') as f:
     ...     myfile = File(f)
     ...     myfile.write('Hello World')
     ...