[issue13734] Add a generic directory walker method to avoid symlink attacks
Nick Coghlan
report at bugs.python.org
Tue Jan 10 01:33:49 CET 2012
Nick Coghlan <ncoghlan at gmail.com> added the comment:
OK, os.walkfd is sounding good:
- accepts a file descriptor, byte sequence or string for "top"
- produces 4-tuples, with the dirfd added at the end
- documents clearly that the dirfd is normally only valid until the next iteration step, so you need to call os.dup() if you want to hang onto it
As far as walkdir integration goes, I currently plan to add it as a "Directory Walking" subsection in shutil before the first alpha. However, it needs a few more updates in PyPI first (e.g. preserving the tuples produced by the underlying iterators, making sure it behaves itself when handed binary paths). I'll post to python-dev about it before I actually commit anything.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue13734>
_______________________________________
More information about the Python-bugs-list
mailing list