New submission from Hynek Schlawack <h...@ox.cx>: This is an offspring of #4489 (which is a security bug). The method is AFAIU intended to be private.
As shown in the discussion of the mentioned #4489, there is a whole family of attacks that exploit the time window between gathering path names and executing a function on them. A general description of this problem can be found in: https://www.securecoding.cert.org/confluence/display/seccode/POS35-C.+Avoid+race+conditions+while+checking+for+the+existence+of+a+symbolic+link While the consequences in rmtree() are probably most dramatic, other recursive functions could benefit too (chmodtree() and chowntree() were mentioned) so Charles-François suggested to write a "generic walker method that would take as argument the methods to call on a directory and on a file (or link)". Some (probably) necessary helper functions has been already implemented in #4761 (*at()) and #10755 (fdlistdir()). Has there already been done any work? Ross mentioned he wanted to take a stab? ---------- components: Library (Lib) messages: 150833 nosy: hynek.schlawack, neologix, pitrou, rosslagerwall, tarek priority: normal severity: normal status: open title: Add a generic directory walker method to avoid symlink attacks type: security versions: Python 3.3 _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue13734> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
