commit: 8a807c9d67ba7eadfb4695cdfbb8d7687dd2d26f
Author: Devan Franchini <twitch153 <AT> gentoo <DOT> org>
AuthorDate: Fri Nov 14 01:06:26 2014 +0000
Commit: Devan Franchini <twitch153 <AT> gentoo <DOT> org>
CommitDate: Fri Nov 14 01:13:49 2014 +0000
URL:
http://sources.gentoo.org/gitweb/?p=proj/webapp-config.git;a=commit;h=8a807c9d
config.py: Modifies import strategy for config parser
On systems which had dev-python/configparser installed (a package
to add support for the py3.x configparser class in py2.x)
webapp-config would make use of that class instead of py2.x's built
in ConfigParser class. This would lead to improper interpolation of
configuration variables that follow the syntax "${<var>}". This
dangerous behavior could (and has) lead to webapp-config installing
a webapp to the root filesystem of a host. This danger has been
avoided by modifying the import strategy for the config parser we're
using so that we force import the ConfigParser class if using py2.x.
X-Gentoo-Bug: 528752
X-Gentoo-Bug-URL: https://bugs.gentoo.org/528752
---
WebappConfig/config.py | 11 ++++-------
1 file changed, 4 insertions(+), 7 deletions(-)
diff --git a/WebappConfig/config.py b/WebappConfig/config.py
index cdae149..c87b93b 100644
--- a/WebappConfig/config.py
+++ b/WebappConfig/config.py
@@ -21,15 +21,12 @@
import sys, os, os.path, re, socket, time
-try:
+if sys.hexversion >= 0x3000000:
# Python 3
import configparser
- if sys.version_info >= (3, 2):
- from configparser import ConfigParser as configparser_ConfigParser
- from configparser import ExtendedInterpolation
- else:
- from configparser import SafeConfigParser as configparser_ConfigParser
-except ImportError:
+ from configparser import ConfigParser as configparser_ConfigParser
+ from configparser import ExtendedInterpolation
+else:
# Python 2
import ConfigParser as configparser
from ConfigParser import SafeConfigParser as configparser_ConfigParser
