On 2016-08-23 00:21, Ben Finney wrote: > So yes, filenames from arbitrary sources should be *completely* > untrusted, and never used to access any file on the system. Throw > the entire filename away and make a filename locally, without using > any part of the original name.
Sadly, this ideal advice too often conflicts with the shoddy Code Other People Wrote In Our "Enterprise" Systemâ„¢. :-/ -tkc -- https://mail.python.org/mailman/listinfo/python-list
