[pypy-dev] os.tmpnam warnings
Da_Blitz
pypy at pocketnix.org
Mon Jun 6 15:19:13 CEST 2011
Hi
pypy 1.5 does not display a warning when using the os.tempnam and
os.tmpnam functions. use of these functions is not recommended as they
can cause security issues and hence python issues a RuntimeWarning
below is a patch to app_posix.py to make it act more like cpython
------------------------------------------
diff -r b590cf6de419 pypy/module/posix/app_posix.py
--- a/pypy/module/posix/app_posix.py Fri Apr 29 17:42:40 2011 +0200
+++ b/pypy/module/posix/app_posix.py Mon Jun 06 23:15:15 2011 +1000
@@ -107,6 +107,10 @@
def tmpnam():
"""Return an absolute pathname of a file that did not exist at the
time the call is made."""
+ from warnings import warn
+ from exceptions import RuntimeWarning
+ warn(RuntimeWarning("tmpnam is a potential security risk to your program"))
+
import tempfile
return tempfile.mktemp()
@@ -114,6 +118,10 @@
"""Return an absolute pathname of a file that did not exist at the
time the call is made. The directory and a prefix may be specified
as strings; they may be omitted or None if not needed."""
+ from warnings import warn
+ from exceptions import RuntimeWarning
+ warn(RuntimeWarning("tempnam is a potential security risk to your program"))
+
import tempfile
return tempfile.mktemp('', prefix or 'tmp', dir)
More information about the pypy-dev
mailing list