On Tue, 25 Nov 2008 20:40:57 +1300, Lawrence D'Oliveiro <[EMAIL PROTECTED]> wrote: > Jorgen Grahn wrote: > >> Seems to me you simply want to know beforehand that the reading will >> work. But you can never check that! You can stat(2) the file, or >> open-and-close it -- and then a microsecond later, someone deletes the >> file, or replaces it with another one, or write-protects it, or mounts >> a file system on top of its directory, or drops a nuke over the city, >> or ... >
> Depends on what exactly you're trying to guard against. Your > comments would apply, for example, to a set-uid program being run by a > potentially hostile local user Yeah, I know. I covered that in the part you snipped: "Nor seems the 'user' input come from some other user than the one your program is running as, nor from some input source which the user cannot be held responsible for." /Jorgen -- // Jorgen Grahn <grahn@ Ph'nglui mglw'nafh Cthulhu \X/ snipabacken.se> R'lyeh wgah'nagl fhtagn! -- http://mail.python.org/mailman/listinfo/python-list
