[issue4489] shutil.rmtree is vulnerable to a symlink attack
Mart Sõmermaa
report at bugs.python.org
Mon Dec 29 09:22:56 CET 2008
Mart Sõmermaa <mrts at mrts.pri.ee> added the comment:
Ah, right you are. Attaching an initial alpha-quality patched shutil.py
and a script to test the attack.
Run the script by sourcing it with . test_issue4489.sh, not by executing
(job control won't work in this case).
Added file: http://bugs.python.org/file12482/shutil_patched.py
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue4489>
_______________________________________
More information about the Python-bugs-list
mailing list