[Python-checkins] cpython (merge 3.3 -> default): Issue #8890: Stop advertising an insecure use of /tmp in docs
petri.lehtinen
python-checkins at python.org
Sat Feb 23 19:39:09 CET 2013
http://hg.python.org/cpython/rev/6b0ca4cb7e4e
changeset: 82355:6b0ca4cb7e4e
parent: 82351:6342055ac220
parent: 82354:18e20e146396
user: Petri Lehtinen <petri at digip.org>
date: Sat Feb 23 19:37:01 2013 +0100
summary:
Issue #8890: Stop advertising an insecure use of /tmp in docs
files:
Doc/install/index.rst | 2 +-
Doc/library/atexit.rst | 4 ++--
Doc/library/cgi.rst | 2 +-
Doc/library/imghdr.rst | 2 +-
Doc/library/mailcap.rst | 4 ++--
Doc/library/nntplib.rst | 2 +-
Doc/library/optparse.rst | 4 ++--
Doc/library/pipes.rst | 6 +++---
Doc/library/sqlite3.rst | 4 ++--
Doc/library/trace.rst | 4 ++--
Doc/library/zipimport.rst | 10 +++++-----
Doc/tutorial/inputoutput.rst | 8 ++++----
Misc/ACKS | 1 +
Misc/NEWS | 4 ++++
14 files changed, 31 insertions(+), 26 deletions(-)
diff --git a/Doc/install/index.rst b/Doc/install/index.rst
--- a/Doc/install/index.rst
+++ b/Doc/install/index.rst
@@ -189,7 +189,7 @@
to keep the source tree pristine, you can change the build directory with the
:option:`--build-base` option. For example::
- python setup.py build --build-base=/tmp/pybuild/foo-1.0
+ python setup.py build --build-base=/path/to/pybuild/foo-1.0
(Or you could do this permanently with a directive in your system or personal
Distutils configuration file; see section :ref:`inst-config-files`.) Normally, this
diff --git a/Doc/library/atexit.rst b/Doc/library/atexit.rst
--- a/Doc/library/atexit.rst
+++ b/Doc/library/atexit.rst
@@ -68,7 +68,7 @@
making an explicit call into this module at termination. ::
try:
- with open("/tmp/counter") as infile:
+ with open("counterfile") as infile:
_count = int(infile.read())
except FileNotFoundError:
_count = 0
@@ -78,7 +78,7 @@
_count = _count + n
def savecounter():
- with open("/tmp/counter", "w") as outfile:
+ with open("counterfile", "w") as outfile:
outfile.write("%d" % _count)
import atexit
diff --git a/Doc/library/cgi.rst b/Doc/library/cgi.rst
--- a/Doc/library/cgi.rst
+++ b/Doc/library/cgi.rst
@@ -79,7 +79,7 @@
instead, with code like this::
import cgitb
- cgitb.enable(display=0, logdir="/tmp")
+ cgitb.enable(display=0, logdir="/path/to/logdir")
It's very helpful to use this feature during script development. The reports
produced by :mod:`cgitb` provide information that can save you a lot of time in
diff --git a/Doc/library/imghdr.rst b/Doc/library/imghdr.rst
--- a/Doc/library/imghdr.rst
+++ b/Doc/library/imghdr.rst
@@ -65,6 +65,6 @@
Example::
>>> import imghdr
- >>> imghdr.what('/tmp/bass.gif')
+ >>> imghdr.what('bass.gif')
'gif'
diff --git a/Doc/library/mailcap.rst b/Doc/library/mailcap.rst
--- a/Doc/library/mailcap.rst
+++ b/Doc/library/mailcap.rst
@@ -71,6 +71,6 @@
>>> import mailcap
>>> d=mailcap.getcaps()
- >>> mailcap.findmatch(d, 'video/mpeg', filename='/tmp/tmp1223')
- ('xmpeg /tmp/tmp1223', {'view': 'xmpeg %s'})
+ >>> mailcap.findmatch(d, 'video/mpeg', filename='tmp1223')
+ ('xmpeg tmp1223', {'view': 'xmpeg %s'})
diff --git a/Doc/library/nntplib.rst b/Doc/library/nntplib.rst
--- a/Doc/library/nntplib.rst
+++ b/Doc/library/nntplib.rst
@@ -46,7 +46,7 @@
headers, and that you have right to post on the particular newsgroup)::
>>> s = nntplib.NNTP('news.gmane.org')
- >>> f = open('/tmp/article.txt', 'rb')
+ >>> f = open('article.txt', 'rb')
>>> s.post(f)
'240 Article posted successfully.'
>>> s.quit()
diff --git a/Doc/library/optparse.rst b/Doc/library/optparse.rst
--- a/Doc/library/optparse.rst
+++ b/Doc/library/optparse.rst
@@ -171,10 +171,10 @@
For example, consider this hypothetical command-line::
- prog -v --report /tmp/report.txt foo bar
+ prog -v --report report.txt foo bar
``-v`` and ``--report`` are both options. Assuming that ``--report``
-takes one argument, ``/tmp/report.txt`` is an option argument. ``foo`` and
+takes one argument, ``report.txt`` is an option argument. ``foo`` and
``bar`` are positional arguments.
diff --git a/Doc/library/pipes.rst b/Doc/library/pipes.rst
--- a/Doc/library/pipes.rst
+++ b/Doc/library/pipes.rst
@@ -26,12 +26,12 @@
Example::
>>> import pipes
- >>> t=pipes.Template()
+ >>> t = pipes.Template()
>>> t.append('tr a-z A-Z', '--')
- >>> f=t.open('/tmp/1', 'w')
+ >>> f = t.open('pipefile', 'w')
>>> f.write('hello world')
>>> f.close()
- >>> open('/tmp/1').read()
+ >>> open('pipefile').read()
'HELLO WORLD'
diff --git a/Doc/library/sqlite3.rst b/Doc/library/sqlite3.rst
--- a/Doc/library/sqlite3.rst
+++ b/Doc/library/sqlite3.rst
@@ -18,10 +18,10 @@
To use the module, you must first create a :class:`Connection` object that
represents the database. Here the data will be stored in the
-:file:`/tmp/example` file::
+:file:`example.db` file::
import sqlite3
- conn = sqlite3.connect('/tmp/example')
+ conn = sqlite3.connect('example.db')
You can also supply the special name ``:memory:`` to create a database in RAM.
diff --git a/Doc/library/trace.rst b/Doc/library/trace.rst
--- a/Doc/library/trace.rst
+++ b/Doc/library/trace.rst
@@ -201,7 +201,7 @@
# run the new command using the given tracer
tracer.run('main()')
- # make a report, placing output in /tmp
+ # make a report, placing output in the current directory
r = tracer.results()
- r.write_results(show_missing=True, coverdir="/tmp")
+ r.write_results(show_missing=True, coverdir=".")
diff --git a/Doc/library/zipimport.rst b/Doc/library/zipimport.rst
--- a/Doc/library/zipimport.rst
+++ b/Doc/library/zipimport.rst
@@ -16,7 +16,7 @@
also allows an item of :data:`sys.path` to be a string naming a ZIP file archive.
The ZIP archive can contain a subdirectory structure to support package imports,
and a path within the archive can be specified to only import from a
-subdirectory. For example, the path :file:`/tmp/example.zip/lib/` would only
+subdirectory. For example, the path :file:`example.zip/lib/` would only
import from the :file:`lib/` subdirectory within the archive.
Any files may be present in the ZIP archive, but only files :file:`.py` and
@@ -147,8 +147,8 @@
Here is an example that imports a module from a ZIP archive - note that the
:mod:`zipimport` module is not explicitly used. ::
- $ unzip -l /tmp/example.zip
- Archive: /tmp/example.zip
+ $ unzip -l example.zip
+ Archive: example.zip
Length Date Time Name
-------- ---- ---- ----
8467 11-26-02 22:30 jwzthreading.py
@@ -157,8 +157,8 @@
$ ./python
Python 2.3 (#1, Aug 1 2003, 19:54:32)
>>> import sys
- >>> sys.path.insert(0, '/tmp/example.zip') # Add .zip file to front of path
+ >>> sys.path.insert(0, 'example.zip') # Add .zip file to front of path
>>> import jwzthreading
>>> jwzthreading.__file__
- '/tmp/example.zip/jwzthreading.py'
+ 'example.zip/jwzthreading.py'
diff --git a/Doc/tutorial/inputoutput.rst b/Doc/tutorial/inputoutput.rst
--- a/Doc/tutorial/inputoutput.rst
+++ b/Doc/tutorial/inputoutput.rst
@@ -234,12 +234,12 @@
::
- >>> f = open('/tmp/workfile', 'w')
+ >>> f = open('workfile', 'w')
.. XXX str(f) is <io.TextIOWrapper object at 0x82e8dc4>
>>> print(f)
- <open file '/tmp/workfile', mode 'w' at 80a0960>
+ <open file 'workfile', mode 'w' at 80a0960>
The first argument is a string containing the filename. The second argument is
another string containing a few characters describing the way in which the file
@@ -346,7 +346,7 @@
the reference point. *from_what* can be omitted and defaults to 0, using the
beginning of the file as the reference point. ::
- >>> f = open('/tmp/workfile', 'rb+')
+ >>> f = open('workfile', 'rb+')
>>> f.write(b'0123456789abcdef')
16
>>> f.seek(5) # Go to the 6th byte in the file
@@ -377,7 +377,7 @@
suite finishes, even if an exception is raised on the way. It is also much
shorter than writing equivalent :keyword:`try`\ -\ :keyword:`finally` blocks::
- >>> with open('/tmp/workfile', 'r') as f:
+ >>> with open('workfile', 'r') as f:
... read_data = f.read()
>>> f.closed
True
diff --git a/Misc/ACKS b/Misc/ACKS
--- a/Misc/ACKS
+++ b/Misc/ACKS
@@ -1302,6 +1302,7 @@
Sue Williams
Steven Willis
Frank Willison
+Geoff Wilson
Greg V. Wilson
J Derek Wilson
Paul Winkler
diff --git a/Misc/NEWS b/Misc/NEWS
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -1012,6 +1012,10 @@
Documentation
-------------
+- Issue #8890: Stop advertising an insecure practice by replacing uses
+ of the /tmp directory with better alternatives in the documentation.
+ Patch by Geoff Wilson.
+
- Issue #17203: add long option names to unittest discovery docs.
- Issue #13094: add "Why do lambdas defined in a loop with different values
--
Repository URL: http://hg.python.org/cpython
More information about the Python-checkins
mailing list