[issue13734] Add a generic directory walker method to avoid symlink attacks
Charles-François Natali
report at bugs.python.org
Sat May 12 17:06:14 CEST 2012
Charles-François Natali <neologix at free.fr> added the comment:
> It would be nice if the documentation of fwalk() explained why you would
> want to use it over walk().
How does the attached patch look?
----------
Added file: http://bugs.python.org/file25550/fwalk-doc.diff
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue13734>
_______________________________________
-------------- next part --------------
diff --git a/Doc/library/os.rst b/Doc/library/os.rst
--- a/Doc/library/os.rst
+++ b/Doc/library/os.rst
@@ -2356,6 +2356,9 @@
*dirpath*, *dirnames* and *filenames* are identical to :func:`walk` output,
and *dirfd* is a file descriptor referring to the directory *dirpath*.
+ It can be used, for example, to walk a directory tree in a way that is
+ immune to symlink attacks.
+
.. note::
Since :func:`fwalk` yields file descriptors, those are only valid until
More information about the Python-bugs-list
mailing list