[pypy-issue] [issue740] os.tmpname does not produce a RuntimeWarning
Da_Blitz
tracker at bugs.pypy.org
Mon Jun 6 15:57:15 CEST 2011
New submission from Da_Blitz <pypy at pocketnix.org>:
when using os.tmpnam or os.tempnam on cpython a runtime warning is produced
warning about the security risks of using the function. pypy-1.5 does not
produce this warning. a patch to change this behavior in pypy to match cpython
is attached
also a thanks to Benjamin Peterson for pointing out that RuntimeWarning is a builtin
----------
files: patch.txt
messages: 2604
nosy: dablitz, pypy-issue
priority: bug
status: unread
title: os.tmpname does not produce a RuntimeWarning
________________________________________
PyPy bug tracker <tracker at bugs.pypy.org>
<https://bugs.pypy.org/issue740>
________________________________________
-------------- next part --------------
diff -r b590cf6de419 pypy/module/posix/app_posix.py
--- a/pypy/module/posix/app_posix.py Fri Apr 29 17:42:40 2011 +0200
+++ b/pypy/module/posix/app_posix.py Mon Jun 06 23:52:07 2011 +1000
@@ -107,6 +107,10 @@
def tmpnam():
"""Return an absolute pathname of a file that did not exist at the
time the call is made."""
+ from warnings import warn
+ warn(RuntimeWarning("tmpnam is a potential security risk to your program"))
+
import tempfile
return tempfile.mktemp()
@@ -114,6 +118,10 @@
"""Return an absolute pathname of a file that did not exist at the
time the call is made. The directory and a prefix may be specified
as strings; they may be omitted or None if not needed."""
+ from warnings import warn
+ warn(RuntimeWarning("tempnam is a potential security risk to your program"))
+
import tempfile
return tempfile.mktemp('', prefix or 'tmp', dir)
More information about the pypy-issue
mailing list