--- ruby-1.6.7.patch/ruby-1.6.7/lib/cgi/session.rb.orig	2001-12-03 12:04:47.000000000 +0200
+++ ruby-1.6.7.patch/ruby-1.6.7/lib/cgi/session.rb	2005-01-12 09:31:52.000000000 +0200
@@ -107,50 +107,50 @@
 	unless check_id(id)
 	  raise ArgumentError, "session_id `%s' is invalid" % id
 	end
-	path = dir+"/"+prefix+id
-	path.untaint
-	unless File::exist? path
+	@path = dir+"/"+prefix+id
+	@path.untaint
+	unless File::exist? @path
 	  @hash = {}
 	end
-	begin
-	  @f = open(path, "r+")
-	rescue Errno::ENOENT
-	  @f = open(path, "w+")
-	end
       end
 
       def restore
 	unless @hash
 	  @hash = {}
-	  @f.flock File::LOCK_EX
-	  @f.rewind
-	  for line in @f
-	    line.chomp!
-	    k, v = line.split('=',2)
-	    @hash[CGI::unescape(k)] = CGI::unescape(v)
+	  begin
+	    f = File.open(@path, 'r')
+	    f.flock File::LOCK_SH
+	    for line in f
+	      line.chomp!
+	      k, v = line.split('=',2)
+	      @hash[CGI::unescape(k)] = CGI::unescape(v)
+	    end
+	  ensure
+	    f.close unless f.nil?
 	  end
 	end
 	@hash
       end
 
       def update
-	@f.rewind
-	for k,v in @hash
-	  @f.printf "%s=%s\n", CGI::escape(k), CGI::escape(v)
-	end
-	@f.truncate @f.tell
+      return unless @hash
+      begin
+        f = File.open(@path, File::CREAT|File::TRUNC|File::RDWR, 0600)
+        f.flock File::LOCK_EX
+        for k,v in @hash
+          f.printf "%s=%s\n", CGI::escape(k), CGI::escape(String(v))
+        end
+      ensure
+        f.close unless f.nil?
+      end
       end
 
       def close
-	return if @f.closed?
 	update
-	@f.close
       end
 
       def delete
-	path = @f.path
-	@f.close
-	File::unlink path
+	File::unlink @path
       end
     end