[Python-ideas] Implementation of shutil.move

Steven D'Aprano steve at pearwood.info
Mon Aug 15 19:10:33 CEST 2011

Christian Heimes wrote:

> This may sound harsh. If you proposed changes don't survive hostiles
> environment then there is no reason in implementing them at all. It's
> the false sense of security Nick was talking about earlier. At best your
> solution is slightly less insecure but still insecure and a loophole for
> exploits. IMHO you should update the docs and explain why and how some
> operations are subjected to race conditions.

Security against hostile attacks is not the only value for a so-called 
"safe move". There is also security against accidental collisions. I 
currently have about 100 processes running as me (excluding system 
processes), and some of them write to files. Sometimes I have a few 
scripts running which write to a *lot* of files. I'd like a little more 
protection from accidental collisions, even if it's not foolproof.

But please don't call the function "safe_move", since it isn't safe. 
Better a bland name like "move2", and full disclosure of what it can and 
can't protect you from, than a misleading name that gives a false 


More information about the Python-ideas mailing list