This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author neologix
Recipients abacabadabacaba, georg.brandl, ncoghlan, neologix, petri.lehtinen
Date 2011-07-25.20:30:10
SpamBayes Score 0.0024420402
Marked as misclassified No
Message-id <1311625811.35.0.0551055814689.issue12464@psf.upfronthosting.co.za>
In-reply-to
Content
I'm not sure I see what the problem is:
- if the idea behind this is the risk of symlink attack (like issue #4489), it's not the case here, because the directory is created with 0600 permission
- furthermore, the attached patch has a TOCTTOU race, between the the call to os.path.islink() and the call to rmtree()

So I'd like to know the problem we're trying to solve here.
History
Date User Action Args
2011-07-25 20:30:11neologixsetrecipients: + neologix, georg.brandl, ncoghlan, abacabadabacaba, petri.lehtinen
2011-07-25 20:30:11neologixsetmessageid: <1311625811.35.0.0551055814689.issue12464@psf.upfronthosting.co.za>
2011-07-25 20:30:10neologixlinkissue12464 messages
2011-07-25 20:30:10neologixcreate