diff options
author | Fred Drake <fdrake@acm.org> | 2001-10-09 18:07:04 (GMT) |
---|---|---|
committer | Fred Drake <fdrake@acm.org> | 2001-10-09 18:07:04 (GMT) |
commit | 938a8d723ccc82bd5a46354a5740f138d9cfe33e (patch) | |
tree | 56be76c3190df5a7fcde530b4fc0bc468bb9fe49 | |
parent | 92350b3a1f7446e561305bfaa101efeb08286bcc (diff) | |
download | cpython-938a8d723ccc82bd5a46354a5740f138d9cfe33e.zip cpython-938a8d723ccc82bd5a46354a5740f138d9cfe33e.tar.gz cpython-938a8d723ccc82bd5a46354a5740f138d9cfe33e.tar.bz2 |
Improve the documentation for the os.P_* constants used with the os.spawn*()
functions to include information about how they affect the operation of
those functions when used as the "mode" parameter.
This closes SF bug #468384.
Added warnings to the os.tempnam() and os.tmpnam() functions regarding their
security problem. These warning mirror the warnings added to the runtime
by Skip Montanaro.
-rw-r--r-- | Doc/lib/libos.tex | 38 |
1 files changed, 29 insertions, 9 deletions
diff --git a/Doc/lib/libos.tex b/Doc/lib/libos.tex index f8804e8..8adcbd5 100644 --- a/Doc/lib/libos.tex +++ b/Doc/lib/libos.tex @@ -795,6 +795,8 @@ files if \var{dir} is omitted or \code{None}. If given and not filename. Applications are responsible for properly creating and managing files created using paths returned by \function{tempnam()}; no automatic cleanup is provided. +\warning{Use of \function{tempnam()} is vulnerable to symlink attacks; +consider using \function{tmpfile()} instead.} Availability: \UNIX, Windows. \end{funcdesc} @@ -805,6 +807,8 @@ entry in a common location for temporary files. Applications are responsible for properly creating and managing files created using paths returned by \function{tmpnam()}; no automatic cleanup is provided. +\warning{Use of \function{tmpnam()} is vulnerable to symlink attacks; +consider using \function{tmpfile()} instead.} Availability: \UNIX, Windows. \end{funcdesc} @@ -1011,20 +1015,36 @@ Availability: \UNIX{}, Windows. \versionadded{1.6} \end{funcdesc} -\begin{datadesc}{P_WAIT} -\dataline{P_NOWAIT} +\begin{datadesc}{P_NOWAIT} \dataline{P_NOWAITO} -Possible values for the \var{mode} parameter to \function{spawnv()} -and \function{spawnve()}. +Possible values for the \var{mode} parameter to the \function{spawn*()} +family of functions. If either of these values is given, the +\function{spawn*()} functions will return as soon as the new process +has been created, with the process ID as the return value. +Availability: \UNIX{}, Windows. +\versionadded{1.6} +\end{datadesc} + +\begin{datadesc}{P_WAIT} +Possible value for the \var{mode} parameter to the \function{spawn*()} +family of functions. If this is given as \var{mode}, the +\function{spawn*()} functions will not return until the new process +has run to completion and will return the exit code of the process the +run is successful, or \code{-\var{signal}} if a signal kills the +process. Availability: \UNIX{}, Windows. \versionadded{1.6} \end{datadesc} -\begin{datadesc}{P_OVERLAY} -\dataline{P_DETACH} -Possible values for the \var{mode} parameter to \function{spawnv()} -and \function{spawnve()}. These are less portable than those listed -above. +\begin{datadesc}{P_DETACH} +\dataline{P_OVERLAY} +Possible values for the \var{mode} parameter to the +\function{spawn*()} family of functions. These are less portable than +those listed above. +\constant{P_DETACH} is similar to \constant{P_NOWAIT}, but the new +process is detached from the console of the calling process. +If \constant{P_OVERLAY} is used, the current process will be replaced; +the \function{spawn*()} function will not return. Availability: Windows. \versionadded{1.6} \end{datadesc} |