[issue4489] shutil.rmtree is vulnerable to a symlink attack
Mart Sõmermaa
report at bugs.python.org
Mon Dec 29 12:26:42 CET 2008
Mart Sõmermaa <mrts at mrts.pri.ee> added the comment:
Replying to previous comment:
> There's no way to do the "check inode then remove" sequence atomically.
Right, although the attack window would be tiny, this is not a real
solution.
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue4489>
_______________________________________
More information about the Python-bugs-list
mailing list