diff options
| author | Benjamin Peterson <benjamin@python.org> | 2011-05-20 16:42:47 (GMT) |
|---|---|---|
| committer | Benjamin Peterson <benjamin@python.org> | 2011-05-20 16:42:47 (GMT) |
| commit | 7f071e6e9f463c459d3a9f55dba35993947d574c (patch) | |
| tree | 101ba6836dbd92bf355560717eb609458c2d6b29 /Doc/library | |
| parent | 6071359de177ba2db621ff698fb4e7c4e1287294 (diff) | |
| parent | c7dd737ef712b9b847dae35422ce3c64efc3d580 (diff) | |
| download | cpython-7f071e6e9f463c459d3a9f55dba35993947d574c.zip cpython-7f071e6e9f463c459d3a9f55dba35993947d574c.tar.gz cpython-7f071e6e9f463c459d3a9f55dba35993947d574c.tar.bz2 | |
merge 3.2
Diffstat (limited to 'Doc/library')
| -rw-r--r-- | Doc/library/os.rst | 21 |
1 files changed, 20 insertions, 1 deletions
diff --git a/Doc/library/os.rst b/Doc/library/os.rst index 7609580..dfc910b 100644 --- a/Doc/library/os.rst +++ b/Doc/library/os.rst @@ -1346,7 +1346,26 @@ Files and Directories Using :func:`access` to check if a user is authorized to e.g. open a file before actually doing so using :func:`open` creates a security hole, because the user might exploit the short time interval between checking - and opening the file to manipulate it. + and opening the file to manipulate it. It's preferable to use :term:`EAFP` + techniques. For example:: + + if os.access("myfile", os.R_OK): + with open("myfile") as fp: + return fp.read() + return "some default data" + + is better written as:: + + try: + fp = open("myfile") + except OSError as e: + if e.errno == errno.EACCESS: + return "some default data" + # Not a permission error. + raise + else: + with fp: + return fp.read() .. note:: |