diff options
author | Guido van Rossum <guido@python.org> | 1998-10-24 01:34:45 (GMT) |
---|---|---|
committer | Guido van Rossum <guido@python.org> | 1998-10-24 01:34:45 (GMT) |
commit | dce3d5502e5498615362cd4edd9c81bc0de3036a (patch) | |
tree | 3cbf99572d3ffc3e781e22ecc60a509074b77cd0 /Doc/tut | |
parent | 39926e4bbad759fb6bad3945ebc1fe45cf5d7515 (diff) | |
download | cpython-dce3d5502e5498615362cd4edd9c81bc0de3036a.zip cpython-dce3d5502e5498615362cd4edd9c81bc0de3036a.tar.gz cpython-dce3d5502e5498615362cd4edd9c81bc0de3036a.tar.bz2 |
The TemporaryFile() function has a security leak -- because the
filenames generated are easily predictable, it is possible to trick an
unsuspecting program into overwriting another file by creating a
symbolic link with the predicted name. Fix this by using the
low-level os.open() function with the O_EXCL flag and mode 0700. On
non-Unix platforms, presumably there are no symbolic links so the
problem doesn't exist. The explicit test for Unix (posix, actually)
makes it possible to change the non-Unix logic to work without a
try-except clause.
The mktemp() file is as unsafe as ever.
Diffstat (limited to 'Doc/tut')
0 files changed, 0 insertions, 0 deletions