This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author neologix
Recipients benjamin.peterson, christian.heimes, georg.brandl, hynek, larry, milko.krachounov, neologix, pitrou, tarek
Date 2013-02-22.19:29:42
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
> Shouldn't you try to make the permission removal atomic?
> Otherwise there's a window of opportunity to exploit the suid bit.

Actually there's already a race even without setuid bit:

All metadat should be set atomically.
Date User Action Args
2013-02-22 19:29:42neologixsetrecipients: + neologix, georg.brandl, pitrou, larry, christian.heimes, benjamin.peterson, tarek, milko.krachounov, hynek
2013-02-22 19:29:42neologixsetmessageid: <>
2013-02-22 19:29:42neologixlinkissue17180 messages
2013-02-22 19:29:42neologixcreate