Message 253196 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	socketpair
Recipients	Arfrever, georg.brandl, josh.r, ncoghlan, neologix, pitrou, python-dev, serhiy.storchaka, socketpair, vstinner
Date	2015-10-19.21:28:35
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1445290115.25.0.699822324918.issue21515@psf.upfronthosting.co.za>
In-reply-to

Content
Suppose conditions: - Old linux kernel ignoring flag - malicious hacker force use of PLAIN FILE instead of directory On new kernel it will fail On old kernel it will just open that file! So, we can make a HACK! Just add last slash to directory name. This will not hurt on new kernels, but protect on old kernels. tests should also test a case when directory is symlink really.

Suppose conditions:
- Old linux kernel ignoring flag
- malicious hacker force use of PLAIN FILE instead of directory

On new kernel it will fail
On old kernel it will just open that file!

So, we can make a HACK! Just add last slash to directory name. This will not hurt on new kernels, but protect on old kernels.

tests should also test a case when directory is symlink really.

History
Date	User	Action	Args
2015-10-19 21:28:35	socketpair	set	recipients: + socketpair, georg.brandl, ncoghlan, pitrou, vstinner, Arfrever, neologix, python-dev, serhiy.storchaka, josh.r
2015-10-19 21:28:35	socketpair	set	messageid: <1445290115.25.0.699822324918.issue21515@psf.upfronthosting.co.za>
2015-10-19 21:28:35	socketpair	link	issue21515 messages
2015-10-19 21:28:35	socketpair	create