[New-bugs-announce] [issue40525] zipapps execute symlinks as if they are code
Anthony Sottile
report at bugs.python.org
Tue May 5 18:55:41 EDT 2020
New submission from Anthony Sottile <asottile at umich.edu>:
```console
$ ln -s 'import os; os.system("echo hi")' __main__.py
$ ls -al
total 8
drwxr-xr-x 2 asottile asottile 4096 May 5 15:55 .
drwxr-xr-x 3 asottile asottile 4096 May 5 14:50 ..
lrwxrwxrwx 1 asottile asottile 31 May 5 15:55 __main__.py -> 'import os; os.system("echo hi")'
$ zip --symlinks out.zip __main__.py
adding: __main__.py (stored 0%)
$ python3 out.zip
hi
```
I expect the output to be similar to running `__main__.py`:
```
$ python3 __main__.py
python3: can't open file '__main__.py': [Errno 2] No such file or directory
```
(real usecase, I wanted `__main__.py` to be a symlink but got a very strange NameError and traced it down to executing the symlink target name instead of the symlink destination)
----------
components: Interpreter Core
messages: 368212
nosy: Anthony Sottile
priority: normal
severity: normal
status: open
title: zipapps execute symlinks as if they are code
type: behavior
versions: Python 3.7, Python 3.8, Python 3.9
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue40525>
_______________________________________
More information about the New-bugs-announce
mailing list