Serhiy Storchaka <[email protected]> added the comment:
Adding support of symlinks in ZIP files will make the zipfile module vulnerable to symlink attacks like like with TAR files (see https://en.wikipedia.org/wiki/Tar_(computing)#Duplicates). Until we find a solution to this, adding support of symlinks is dangerous. ---------- nosy: +serhiy.storchaka _______________________________________ Python tracker <[email protected]> <https://bugs.python.org/issue37921> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
