The Cost of Dynamism (was Re: Pyhon 2.x or 3.x, which is faster?)

[Steven D'Aprano]

On Wednesday 23 March 2016 09:23, Chris Angelico wrote:

> On Wed, Mar 23, 2016 at 6:43 AM, Michael Torrie <torriem at gmail.com> wrote:
>> And despite the impression you may have gotten, it is appropriate to
>> look before you leap. Using os.exists() and other pre-flight checks are
>> appropriate.
> 
> Hmm, can you justify this? Remember, as soon as any other process has
> done anything, your LBYL is invalid. 

"Time of check to time of use":

https://en.wikipedia.org/wiki/Time_of_check_to_time_of_use

Fortunately, not all such "bugs" are of equal severity. In this case, there 
are two failure modes. Consider a *false positive* bug: we think the file 
exists when it actually doesn't.

if os.path.exists(filename):
    os.unlink(filename)  # some other process does this
    open(filename)


This is probably bad. At best, we get some sort of unhandled exception. At 
worst, we get some sort of TOCTTOU security vulnerability.

Consider a *false negative* bug: we think the file doesn't exist, when it 
actually does, and report an error:

if os.path.exists(filename):
    ...
else:
    open(filename, 'w').write('stuff')  # some other process does this
    print("No such file, please try again.")


This is probably trivial. The user simply tries again, or refreshes the 
application's "file open" selector, or something similar. No harm done.


Or consider scripting a file rename:


for old, new in zip(oldnames, newnames):
    if os.path.exists(new):
        print("skipping...")
    os.rename(old, new)


Is it safe? Strictly speaking, no, but for a single user computer, it's 
probably safe enough. If I'm busy saving new files to a directory at the 
same time as I'm running a bulk rename of the files in that same directory, 
I probably deserve to have data loss :-)

(But having said that, if someone can give a recipe for the right way to do 
a file rename without overwriting existing files, I'd love to see it.)



-- 
Steve