On Mon, 22 Aug 2016 08:33 pm, Jon Ribbens wrote: > On 2016-08-22, Steve D'Aprano <steve+pyt...@pearwood.info> wrote: >> On Mon, 22 Aug 2016 10:38 am, eryk sun wrote: >>> To me it's scary that this check misses cases because it's trying to >>> be cross-platform instead of simply relying on GetFullPathName to do >>> the work. For example, it misses at least the following cases: >> >> Instead of shaking in your boots over a simple bug in a non-critical >> library, how about reporting these cases on the bug tracker with an >> explanation of the problem? > > That seems a rather unnecessarily harsh response.
Eryksun bought into Lawrence's over-the-top rhetorical question "does this scare you?" by answering "Yes", and repeating the ridiculous term "scary". He specifically said that it scares him *because* it is cross-platform code, as if cross-platform code is a bad thing. Now I'm sure that Eryksun isn't *actually* scared of cross-platform code. I'm sure he is quite capable of using (say) os.listdir() without widdling himself in terror *wink*. And I don't know if he was intentionally using the word "scary" or whether it was just an ill-thought out choice of words. Either way, yes, I'm making a gentle dig at Eryksun for exaggerating the magnitude of the supposed problem and for taking something which is clearly a mere bug and treating it as a feature that is broken by design. There's nothing wrong with writing cross-platform code, and there's no reason why non-Windows users shouldn't be permitted to explicitly query whether a file name could be valid on a Windows system. > Also, it's not "non-critical", this is a security bug. How is this a security bug? What's the nature of the vulnerability? -- Steve “Cheer up,” they said, “things could be worse.” So I cheered up, and sure enough, things got worse. -- https://mail.python.org/mailman/listinfo/python-list