[Python-Dev] Ext4 data loss

"Martin v. Löwis" martin at v.loewis.de
Fri Mar 13 19:31:21 CET 2009

> Think about the security implications of a file name that is in advance
> known to an attacker as well as the fact that the said file will replace
> an *important* system file.

You should always use O_EXCL in that case. Relying on random name will
be a severe security threat to the application.


More information about the Python-Dev mailing list