Message214093
First step would be to get rid of the warning in the zipfile docs and replace it with the info that the absolute path '/' and any relative path are stripped silently before the file is extracted.
It would also be worth adding an enhancement to zipfile to optionally not do it silently.
I hope the same considerations apply to tarfile, but I haven't checked.
In other words, I do think that code is a holdover from when zipfile *wasn't* safe, but since I didn't write it I don't know for sure. |
|
Date |
User |
Action |
Args |
2014-03-19 13:19:05 | r.david.murray | set | recipients:
+ r.david.murray, pitrou, eric.araujo, docs@python, peter@psantoro.net |
2014-03-19 13:19:05 | r.david.murray | set | messageid: <1395235145.5.0.178866776252.issue20907@psf.upfronthosting.co.za> |
2014-03-19 13:19:05 | r.david.murray | link | issue20907 messages |
2014-03-19 13:19:05 | r.david.murray | create | |
|