[Python-ideas] Implementation of shutil.move
Steven D'Aprano
steve at pearwood.info
Mon Aug 15 19:10:33 CEST 2011

Christian Heimes wrote:
> This may sound harsh. If your proposed changes don't survive hostile
> environments then there is no reason in implementing them at all. It's
> the false sense of security Nick was talking about earlier. At best your
> solution is slightly less insecure but still insecure and a loophole for
> exploits. IMHO you should update the docs and explain why and how some
> operations are subjected to race conditions.

Security against hostile attacks is not the only value for a so-called
"safe move". There is also security against accidental collisions. I
currently have about 100 processes running as me (excluding system
processes), and some of them write to files. Sometimes I have a few
scripts running which write to a *lot* of files. I'd like a little more
protection from accidental collisions, even if it's not foolproof.

But please don't call the function "safe_move", since it isn't safe.
Better a bland name like "move2", and full disclosure of what it can and
can't protect you from, than a misleading name that gives a false
impression.
--
Steven