(#9792) Predictable temporary filename in ralsh.
When ralsh is used in edit mode the temporary filename is in a shared
directory, and is absolutely predictable. Worse, it won't be touched until
well after the startup of the command.
It can be tricked into writing through a symlink to edit any file on the
system, or to create through it, but worse - the file is reopened with the
same name later, so it can have the target replaced between edit and
operate...
The only possible mitigation comes from the system editor and the behaviour it
has around editing through symbolic links, which is very weak.
This improves this to prefer the current working directory for the temporary
file, and to be somewhat less predictable and more safe in conjuring it into
being.
Fixes CVE-2011-3871
Signed-off-by: Daniel Pittman <daniel@puppetlabs.com>