[Python-Dev] Backward compatibility of shutil.rmtree
Hynek Schlawack hs at ox.cx
Sun May 20 13:58:38 CEST 2012
Hi,
as our shutil.rmtree() is vulnerable to symlink attacks (see <http://bugs.python.org/issue4489>), I’ve implemented a safe version using os.fwalk() and os.unlinkat() for Python 3.3.
Now we face a problem I’d like a broad opinion on: rmtree has a callback hook called onerror that gets called with, amongst others, the function that caused the error (see <http://docs.python.org/dev/library/shutil.html#shutil.rmtree>).
Two of them differ in the new version: os.fwalk() is used instead of os.listdir() and os.unlinkat() instead of os.remove().
The safe version is used transparently if available, so this could potentially break code. Also it would mean that rmtree would behave differently on Linux & OS X for example.
I’ve been thinking to "fake" the function names, as they map pretty well anyway. I.e. call onerror with os.listdir if os.fwalk failed and with os.remove instead of os.unlinkat. That could also make sense if some kind soul writes a safe rmtree for Windows or OS X so the function works the same across all platforms. It's a bit ugly though; a cleaner way would be to start using well-defined symbols, but that would break code for sure.
Opinions?
Cheers, Hynek
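
The name mapping proposed in the message, as an added sketch that is not the patch under discussion and not the code that shipped in shutil. It assumes a POSIX platform where os.fwalk() is available, and it uses os.unlink(..., dir_fd=...) where the message says os.unlinkat(); `safe_rmtree`, `report` and `demo` are hypothetical names, and the sample tree is constructed.

```python
import os
import tempfile

def safe_rmtree(path, onerror):
    """Delete a tree through directory fds; report errors under legacy names."""
    def report(func, where, exc):
        onerror(func, where, (type(exc), exc, exc.__traceback__))
    # follow_symlinks=False (default): fwalk never descends through a symlink.
    walk = os.fwalk(path, topdown=False,
                    onerror=lambda e: report(os.listdir, e.filename, e))
    while True:
        try:
            root, dirs, files, rootfd = next(walk)
        except StopIteration:
            break
        except OSError as exc:  # the top directory itself could not be opened
            return report(os.listdir, path, exc)
        for name in files:
            try:  # resolved against the open fd, not a re-walked path
                os.unlink(name, dir_fd=rootfd)
            except OSError as exc:  # surfaced as os.remove for old handlers
                report(os.remove, os.path.join(root, name), exc)
        for name in dirs:
            try:
                try:
                    os.rmdir(name, dir_fd=rootfd)
                except NotADirectoryError:  # symlink to a directory: drop the link
                    os.unlink(name, dir_fd=rootfd)
            except OSError as exc:
                report(os.rmdir, os.path.join(root, name), exc)
    try:
        os.rmdir(path)
    except OSError as exc:
        report(os.rmdir, path, exc)

def demo():
    """Constructed tree: tree/{a.txt, link -> outside}; outside/keep.txt."""
    base = tempfile.mkdtemp()
    tree, outside = os.path.join(base, "tree"), os.path.join(base, "outside")
    os.mkdir(tree)
    os.mkdir(outside)
    for p in (os.path.join(tree, "a.txt"), os.path.join(outside, "keep.txt")):
        open(p, "w").close()
    os.symlink(outside, os.path.join(tree, "link"))
    seen = []  # a pre-3.3 style handler keys on the identity of `func`
    handler = lambda func, where, excinfo: seen.append(func)
    safe_rmtree(tree, handler)
    safe_rmtree(tree, handler)  # tree is gone now, so the walk itself fails
    return os.path.exists(tree), os.listdir(outside), seen
```

A handler written against the old behaviour only ever sees os.listdir, os.remove and os.rmdir, so a test such as `func is os.remove` keeps working even though the deletion goes through a directory file descriptor.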