[Python-Dev] FWD: Python execvpe symlink race condition.

[Jeremy Hylton]

On Sun, 2003-02-16 at 12:51, Guido van Rossum wrote:
> Zack's changes to tempfile.py were *not* checked into Python 2.2 --
> they require API changes that are difficult to justify.  (The changes
> by Zack that you remember being checked into 2.2 were execve.)
> 
> A problem with Zack's tempfile changes is that many uses of mktemp are
> perfectly safe, and the warning is so annoying that I decided to
> disable the warning.
> 
> I'm not quite sure what to do now.

If the exec problems were fixed in 2.2, doesn't that address the
currently reported vulnerability?  I glanced at the Debian bug report
and saw that it was reporting an exploit against 2.1.3.  I see some
value in doing a 2.1.4 release, but not enough value to justify the
work.

Aren't the changes in tempfile primarily the addition of new functions
(mkstemp, mkdtemp)?  I think it would be good to backport new functions
that address security issues.  Were there changes to the behavior of
mktemp(), too?  It seems hard to justify an incompatible change to
existing functions.

Jeremy