[issue37921] Improve zipfile: add support for symlinks
Serhiy Storchaka
report at bugs.python.org
Sat Sep 25 13:47:38 EDT 2021
Serhiy Storchaka <storchaka+cpython at gmail.com> added the comment:
Adding support of symlinks in ZIP files will make the zipfile module vulnerable to symlink attacks like like with TAR files (see https://en.wikipedia.org/wiki/Tar_(computing)#Duplicates). Until we find a solution to this, adding support of symlinks is dangerous.
----------
nosy: +serhiy.storchaka
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue37921>
_______________________________________
More information about the Python-bugs-list
mailing list