diff options
| author | R David Murray <rdmurray@bitdance.com> | 2013-09-16 17:48:44 (GMT) |
|---|---|---|
| committer | R David Murray <rdmurray@bitdance.com> | 2013-09-16 17:48:44 (GMT) |
| commit | 4189b67a66afc7a5d4ed9ef39c9f8187d98e7909 (patch) | |
| tree | 202254f086d26dabc01be2f2abb331cd996f829e /Doc/library/netrc.rst | |
| parent | 503baf9ecd2cc5fb0bb85cec99c300862c02de85 (diff) | |
| download | cpython-4189b67a66afc7a5d4ed9ef39c9f8187d98e7909.zip cpython-4189b67a66afc7a5d4ed9ef39c9f8187d98e7909.tar.gz cpython-4189b67a66afc7a5d4ed9ef39c9f8187d98e7909.tar.bz2 | |
#14984: On POSIX, enforce permissions when reading default .netrc.
Initial patch by Bruno Piguet.
This is implemented as if a useful .netrc file could exist without passwords,
which is possible in the general case; but in fact our netrc implementation
does not support it. Fixing that issue will be an enhancement.
Diffstat (limited to 'Doc/library/netrc.rst')
| -rw-r--r-- | Doc/library/netrc.rst | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/Doc/library/netrc.rst b/Doc/library/netrc.rst index 8a2f1c6..9792799 100644 --- a/Doc/library/netrc.rst +++ b/Doc/library/netrc.rst @@ -21,6 +21,12 @@ the Unix :program:`ftp` program and other FTP clients. no argument is given, the file :file:`.netrc` in the user's home directory will be read. Parse errors will raise :exc:`NetrcParseError` with diagnostic information including the file name, line number, and terminating token. + If no argument is specified on a POSIX system, the presence of passwords in + the :file:`.netrc` file will raise a :exc:`NetrcParseError` if the file + ownership or permissions are insecure (owned by a user other than the user + running the process, or accessible for read or write by any other user). + This implements security behavior equivalent to that of ftp and other + programs that use :file:`.netrc`. .. exception:: NetrcParseError |