Message 78407 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	pitrou
Recipients	loewis, pitrou
Date	2008-12-28.14:58:36
SpamBayes Score	0.00046084254
Marked as misclassified	No
Message-id	<1230476318.95.0.898909480668.issue4761@psf.upfronthosting.co.za>
In-reply-to

Content
Very recent POSIX versions have introduced a set of functions named openat(), unlinkat(), etc. () which allow to access files relatively to a directory pointed to by a file descriptor (rather than the process-wide current working directory). They are necessary to implement thread-safe directory traversal without any symlink attacks such as in #4489. Providing Python wrappers for these functions would help creating higher-level abstractions for secure directory traversal on platforms that support it. () http://www.opengroup.org/onlinepubs/9699919799/functions/openat.html “The purpose of the openat() function is to enable opening files in directories other than the current working directory without exposure to race conditions. Any part of the path of a file could be changed in parallel to a call to open(), resulting in unspecified behavior. By opening a file descriptor for the target directory and using the openat() function it can be guaranteed that the opened file is located relative to the desired directory.”

Very recent POSIX versions have introduced a set of functions named
openat(), unlinkat(), etc. (*) which allow to access files relatively to
a directory pointed to by a file descriptor (rather than the
process-wide current working directory). They are necessary to implement
thread-safe directory traversal without any symlink attacks such as in
#4489. Providing Python wrappers for these functions would help creating
higher-level abstractions for secure directory traversal on platforms
that support it.

(*) http://www.opengroup.org/onlinepubs/9699919799/functions/openat.html

“The purpose of the openat() function is to enable opening files in
directories other than the current working directory without exposure to
race conditions. Any part of the path of a file could be changed in
parallel to a call to open(), resulting in unspecified behavior. By
opening a file descriptor for the target directory and using the
openat() function it can be guaranteed that the opened file is located
relative to the desired directory.”

History
Date	User	Action	Args
2008-12-28 14:58:39	pitrou	set	recipients: + pitrou, loewis
2008-12-28 14:58:38	pitrou	set	messageid: <1230476318.95.0.898909480668.issue4761@psf.upfronthosting.co.za>
2008-12-28 14:58:38	pitrou	link	issue4761 messages
2008-12-28 14:58:37	pitrou	create