Charles-François Natali <neolo...@free.fr> added the comment: I'm not sure I see what the problem is: - if the idea behind this is the risk of symlink attack (like issue #4489), it's not the case here, because the directory is created with 0600 permission - furthermore, the attached patch has a TOCTTOU race, between the the call to os.path.islink() and the call to rmtree()
So I'd like to know the problem we're trying to solve here. ---------- nosy: +neologix _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue12464> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
