Kaydet (Commit) 00f09b38 authored tarafından Guido van Rossum's avatar Guido van Rossum

Security patch for Unix by Chris McDonough.

This uses the same precautions when trying to find a temporary
directory as when the actual tempfile is created (using O_CREAT and
O_EXCL).  On non-posix platforms, nothing is changed.
üst bfbf1138
...@@ -43,6 +43,20 @@ def gettempdir(): ...@@ -43,6 +43,20 @@ def gettempdir():
for dir in attempdirs: for dir in attempdirs:
try: try:
filename = os.path.join(dir, testfile) filename = os.path.join(dir, testfile)
if os.name == 'posix':
try:
fd = os.open(filename, os.O_RDWR|os.O_CREAT|os.O_EXCL, 0700)
except OSError:
pass
else:
fp = os.fdopen(fd, 'w')
fp.write('blat')
fp.close()
os.unlink(filename)
del fp, fd
tempdir = dir
break
else:
fp = open(filename, 'w') fp = open(filename, 'w')
fp.write('blat') fp.write('blat')
fp.close() fp.close()
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment