Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code | Sign in
(2982)

#17180: shutil copy* unsafe on POSIX - they preserve setuid/setgit bits

Can't Edit
Can't Publish+Mail
Start Review
Created:
6 years, 1 month ago by python
Modified:
5 years, 9 months ago
Reviewers:
cf.natali
CC:
Georg, terry.reedy, Ronald Oussoren, AntoinePitrou, larry, giampaolo.rodola, christian.heimes, Benjamin Peterson, tarek_ziade.org, Arfrever, python_milko.3mhz.net, Charles-François Natali, hynek, Jim.J.Jewett, storchaka, Michael.Felt
Visibility:
Public.

Patch Set 1 #

Patch Set 2 #

Patch Set 3 #

Total comments: 3
Unified diffs Side-by-side diffs Delta from patch set Stats Patch
Doc/library/shutil.rst View 1 2 8 chunks +31 lines, -4 lines 0 comments Download
Lib/shutil.py View 1 2 7 chunks +28 lines, -8 lines 3 comments Download
Lib/test/test_shutil.py View 1 2 1 chunk +25 lines, -0 lines 0 comments Download

Messages

Total messages: 1
Charles-François Natali
5 years, 9 months ago #1
http://bugs.python.org/review/17180/diff/8442/Lib/shutil.py
File Lib/shutil.py (right):

http://bugs.python.org/review/17180/diff/8442/Lib/shutil.py#newcode109
Lib/shutil.py:109: fd = os.open(dst, os.O_WRONLY | os.O_CREAT,
O_TRUNC is missing

http://bugs.python.org/review/17180/diff/8442/Lib/shutil.py#newcode110
Lib/shutil.py:110: stat.S_IWUSR | stat.S_IRUSR)
This change is unrelated to the problem at hand, and is backward-incompatible:
before, the opening mode was 666|~umask, now it's 600|~umask. This will break
user code.

http://bugs.python.org/review/17180/diff/8442/Lib/shutil.py#newcode145
Lib/shutil.py:145: mode &= _REMOVE_SBITS_MASK
It's a matter of personal taste, but I would find
mode &= ~_SBITS_MASK
more clear
Sign in to reply to this message.

RSS Feeds Recent Issues | This issue
This is Rietveld 894c83f36cb7+