[pypy-dev] os.tmpnam warnings

Benjamin Peterson benjamin at python.org
Mon Jun 6 15:37:53 CEST 2011


2011/6/6 Da_Blitz <pypy at pocketnix.org>:
> Hi
>
> pypy 1.5 does not display a warning when using the os.tempnam and
> os.tmpnam functions. use of these functions is not recommended as they
> can cause security issues and hence python issues a RuntimeWarning
>
>
> below is a patch to app_posix.py to make it act more like cpython
>
> ------------------------------------------
>
> diff -r b590cf6de419 pypy/module/posix/app_posix.py
> --- a/pypy/module/posix/app_posix.py    Fri Apr 29 17:42:40 2011 +0200
> +++ b/pypy/module/posix/app_posix.py    Mon Jun 06 23:15:15 2011 +1000
> @@ -107,6 +107,10 @@
>  def tmpnam():
>     """Return an absolute pathname of a file that did not exist at the
>     time the call is made."""
> +    from warnings import warn
> +    from exceptions import RuntimeWarning
> +    warn(RuntimeWarning("tmpnam is a potential security risk to your program"))
> +
>     import tempfile
>     return tempfile.mktemp()
>
> @@ -114,6 +118,10 @@
>     """Return an absolute pathname of a file that did not exist at the
>     time the call is made.  The directory and a prefix may be specified
>     as strings; they may be omitted or None if not needed."""
> +    from warnings import warn
> +    from exceptions import RuntimeWarning

When you do post to the tracker, note RuntimeWarning is builtin.


-- 
Regards,
Benjamin


More information about the pypy-dev mailing list