New submission from Antoine Pitrou <pit...@free.fr>: Very recent POSIX versions have introduced a set of functions named openat(), unlinkat(), etc. (*) which allow to access files relatively to a directory pointed to by a file descriptor (rather than the process-wide current working directory). They are necessary to implement thread-safe directory traversal without any symlink attacks such as in #4489. Providing Python wrappers for these functions would help creating higher-level abstractions for secure directory traversal on platforms that support it.
(*) http://www.opengroup.org/onlinepubs/9699919799/functions/openat.html “The purpose of the openat() function is to enable opening files in directories other than the current working directory without exposure to race conditions. Any part of the path of a file could be changed in parallel to a call to open(), resulting in unspecified behavior. By opening a file descriptor for the target directory and using the openat() function it can be guaranteed that the opened file is located relative to the desired directory.” ---------- components: Extension Modules, Library (Lib) messages: 78407 nosy: loewis, pitrou priority: normal severity: normal status: open title: create Python wrappers for openat() and others type: feature request versions: Python 2.7, Python 3.1 _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue4761> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
