Author twb
Recipients amaury.forgeotdarc, gregory.p.smith, ned.deily, r.david.murray, schmir, twb
Date 2009-09-30.22:41:25
SpamBayes Score 5.15395e-08
Marked as misclassified No
Message-id <>
A fair point. I was thinking that we could query the OS about whatever
filesystem the path is on, but this wouldn't work for a file that hasn't
been created yet.

The issue with extractall() isn't just that it can extract over existing
files, it's that it can write files anywhere on the filesystem, both by
exploiting symlinks and through path manipulation. The more I think
about it, though, the more I think the case sensitivity is a non-issue
here, since the trailing part of the extraction paths is built out of
the base path, which I then compare against. The capitalization will
therefore be consistent, and I don't need to worry about this. Does this
seem right?
Date User Action Args
2009-09-30 22:41:27twbsetrecipients: + twb, gregory.p.smith, amaury.forgeotdarc, schmir, ned.deily, r.david.murray
2009-09-30 22:41:27twbsetmessageid: <>
2009-09-30 22:41:26twblinkissue6972 messages
2009-09-30 22:41:25twbcreate