From b37b8eca8856b0a034814f60fd34490d962c6dff Mon Sep 17 00:00:00 2001
From: Georg Brandl <georg@python.org>
Date: Sun, 17 Jul 2005 21:10:11 +0000
Subject: bug [ 872769 ] os.access() documentation should stress race
 conditions

---
 Doc/lib/libos.tex | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/Doc/lib/libos.tex b/Doc/lib/libos.tex
index 2fbe669..e5b5962 100644
--- a/Doc/lib/libos.tex
+++ b/Doc/lib/libos.tex
@@ -680,6 +680,11 @@ test permissions.  Return \constant{True} if access is allowed,
 \constant{False} if not.
 See the \UNIX{} man page \manpage{access}{2} for more information.
 Availability: Macintosh, \UNIX, Windows.
+
+\note{Using \function{access()} to check if a user is authorized to e.g.
+open a file before actually doing so using \function{open()} creates a 
+security hole, because the user might exploit the short time interval 
+between checking and opening the file to manipulate it.}
 \end{funcdesc}
 
 \begin{datadesc}{F_OK}
-- 
cgit v0.12