[Python-ideas] shutil.symlink to allow non-race replacement of existing link targets
Barry Scott
barry at barrys-emacs.org
Thu May 16 07:08:30 EDT 2019
> On 16 May 2019, at 11:05, Serhiy Storchaka <storchaka at gmail.com> wrote:
>
> 16.05.19 11:28, Barry Scott пише:
>> To replace one symlink with another atomically is possible by using rename() or renameat()
>> something like:
>> os.symlink( src, tmp_symlink )
>> os.rename( tmp_symlink, dst )
>
> Somebody can replace tmp_symlink between os.symlink() and os.rename().
As I said "I'm sure there is a lot more to cover all the corner cases and attack vectors."
I did this:
$ ln -s -f foo bar
$ strace ln -s -f foo bar
and long story short it does the rename from a tmp named symlink.
Having a shutil function that does the same logic as GNU coreutils ln -s -f
would seem to be a nice addition.
However if you have a situation where security is a concern then there
is a lot of design work that needs to be done that is surely outside the
scope the stdlib as its application specific?
Barry
More information about the Python-ideas
mailing list