[Python-Dev] [Python-checkins] cpython: #4489: Add a shutil.rmtree that isn't susceptible to symlink attacks

Hynek Schlawack hs at ox.cx
Sat Jun 23 20:12:08 CEST 2012


>> It is used automatically on platforms supporting the necessary os.openat() and
>> os.unlinkat() functions. Main code by Martin von Löwis.
> 
> Unfortunately, this isn't actually having any effect at the moment
> since the os module APIs changed for the beta release.
> 
> The "hasattr(os, 'unlinkat')" and "hasattr(os, 'openat')" checks need
> to become "os.unlink in os.supports_dir_fd" and "os.open in
> os.supports_dir_fd", and the affected calls need to be updated to pass
> "dir_fd" as an argument to the normal versions of the functions.
> 
> At least we know the graceful fallback to the old behaviour is indeed
> graceful, though :)

Yeah, I've been told on IRC already. I'll commit a fix in a few minutes
if my regression tests on OS X and Linux work fine.
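
The check described in the quoted review, written out as an added example; it is not part of this message and not the code committed to CPython. The names `USE_DIR_FD`, `safe_rmtree`, `_rmtree_fd` and `demo` are hypothetical, the directory layout is constructed, and a POSIX platform providing `O_DIRECTORY` and `O_NOFOLLOW` is assumed.

```python
import os
import stat
import tempfile

# Feature test from the thread: ask whether the regular functions accept
# dir_fd, instead of probing for os.openat / os.unlinkat.
USE_DIR_FD = ({os.open, os.unlink, os.rmdir, os.stat} <= os.supports_dir_fd
              and os.listdir in os.supports_fd)
# O_NOFOLLOW makes open() fail if the entry was swapped for a symlink.
DIR_FLAGS = os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW


def _rmtree_fd(dirfd):
    # Every name is resolved relative to the open directory, never by path.
    for name in os.listdir(dirfd):
        st = os.stat(name, dir_fd=dirfd, follow_symlinks=False)
        if not stat.S_ISDIR(st.st_mode):
            os.unlink(name, dir_fd=dirfd)  # a symlink is removed, not followed
            continue
        fd = os.open(name, DIR_FLAGS, dir_fd=dirfd)
        try:
            if os.path.samestat(st, os.fstat(fd)):  # same dir we stat'ed?
                _rmtree_fd(fd)
        finally:
            os.close(fd)
        os.rmdir(name, dir_fd=dirfd)


def safe_rmtree(path):
    if not USE_DIR_FD:
        raise NotImplementedError("dir_fd is not supported on this platform")
    fd = os.open(path, DIR_FLAGS)
    try:
        _rmtree_fd(fd)
    finally:
        os.close(fd)
    os.rmdir(path)


def demo():
    """Constructed layout: victim/ holds a symlink pointing outside the tree."""
    base = tempfile.mkdtemp()
    outside, victim = (os.path.join(base, n) for n in ("outside", "victim"))
    os.makedirs(os.path.join(victim, "sub"))
    os.mkdir(outside)
    keep = os.path.join(outside, "keep.txt")
    open(keep, "w").close()
    os.symlink(outside, os.path.join(victim, "link"))
    safe_rmtree(victim)
    return os.path.exists(victim), os.path.exists(keep)
```

`demo()` returns whether the removed tree and the file behind the symlink still exist; the tree should be gone and the file outside it untouched.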

