[Python-checkins] cpython (merge 3.3 -> default): Issue #8890: Stop advertising an insecure use of /tmp in docs

petri.lehtinen python-checkins at python.org
Sat Feb 23 19:39:09 CET 2013 

http://hg.python.org/cpython/rev/6b0ca4cb7e4e
changeset:   82355:6b0ca4cb7e4e
parent:      82351:6342055ac220
parent:      82354:18e20e146396
user:        Petri Lehtinen <petri at digip.org>
date:        Sat Feb 23 19:37:01 2013 +0100
summary:
  Issue #8890: Stop advertising an insecure use of /tmp in docs

files:
  Doc/install/index.rst        |   2 +-
  Doc/library/atexit.rst       |   4 ++--
  Doc/library/cgi.rst          |   2 +-
  Doc/library/imghdr.rst       |   2 +-
  Doc/library/mailcap.rst      |   4 ++--
  Doc/library/nntplib.rst      |   2 +-
  Doc/library/optparse.rst     |   4 ++--
  Doc/library/pipes.rst        |   6 +++---
  Doc/library/sqlite3.rst      |   4 ++--
  Doc/library/trace.rst        |   4 ++--
  Doc/library/zipimport.rst    |  10 +++++-----
  Doc/tutorial/inputoutput.rst |   8 ++++----
  Misc/ACKS                    |   1 +
  Misc/NEWS                    |   4 ++++
  14 files changed, 31 insertions(+), 26 deletions(-)


diff --git a/Doc/install/index.rst b/Doc/install/index.rst
--- a/Doc/install/index.rst
+++ b/Doc/install/index.rst
@@ -189,7 +189,7 @@
 to keep the source tree pristine, you can change the build directory with the
 :option:`--build-base` option. For example::
 
-   python setup.py build --build-base=/tmp/pybuild/foo-1.0
+   python setup.py build --build-base=/path/to/pybuild/foo-1.0
 
 (Or you could do this permanently with a directive in your system or personal
 Distutils configuration file; see section :ref:`inst-config-files`.)  Normally, this
diff --git a/Doc/library/atexit.rst b/Doc/library/atexit.rst
--- a/Doc/library/atexit.rst
+++ b/Doc/library/atexit.rst
@@ -68,7 +68,7 @@
 making an explicit call into this module at termination. ::
 
    try:
-       with open("/tmp/counter") as infile:
+       with open("counterfile") as infile:
            _count = int(infile.read())
    except FileNotFoundError:
        _count = 0
@@ -78,7 +78,7 @@
        _count = _count + n
 
    def savecounter():
-       with open("/tmp/counter", "w") as outfile:
+       with open("counterfile", "w") as outfile:
            outfile.write("%d" % _count)
 
    import atexit
diff --git a/Doc/library/cgi.rst b/Doc/library/cgi.rst
--- a/Doc/library/cgi.rst
+++ b/Doc/library/cgi.rst
@@ -79,7 +79,7 @@
 instead, with code like this::
 
    import cgitb
-   cgitb.enable(display=0, logdir="/tmp")
+   cgitb.enable(display=0, logdir="/path/to/logdir")
 
 It's very helpful to use this feature during script development. The reports
 produced by :mod:`cgitb` provide information that can save you a lot of time in
diff --git a/Doc/library/imghdr.rst b/Doc/library/imghdr.rst
--- a/Doc/library/imghdr.rst
+++ b/Doc/library/imghdr.rst
@@ -65,6 +65,6 @@
 Example::
 
    >>> import imghdr
-   >>> imghdr.what('/tmp/bass.gif')
+   >>> imghdr.what('bass.gif')
    'gif'
 
diff --git a/Doc/library/mailcap.rst b/Doc/library/mailcap.rst
--- a/Doc/library/mailcap.rst
+++ b/Doc/library/mailcap.rst
@@ -71,6 +71,6 @@
 
    >>> import mailcap
    >>> d=mailcap.getcaps()
-   >>> mailcap.findmatch(d, 'video/mpeg', filename='/tmp/tmp1223')
-   ('xmpeg /tmp/tmp1223', {'view': 'xmpeg %s'})
+   >>> mailcap.findmatch(d, 'video/mpeg', filename='tmp1223')
+   ('xmpeg tmp1223', {'view': 'xmpeg %s'})
 
diff --git a/Doc/library/nntplib.rst b/Doc/library/nntplib.rst
--- a/Doc/library/nntplib.rst
+++ b/Doc/library/nntplib.rst
@@ -46,7 +46,7 @@
 headers, and that you have right to post on the particular newsgroup)::
 
    >>> s = nntplib.NNTP('news.gmane.org')
-   >>> f = open('/tmp/article.txt', 'rb')
+   >>> f = open('article.txt', 'rb')
    >>> s.post(f)
    '240 Article posted successfully.'
    >>> s.quit()
diff --git a/Doc/library/optparse.rst b/Doc/library/optparse.rst
--- a/Doc/library/optparse.rst
+++ b/Doc/library/optparse.rst
@@ -171,10 +171,10 @@
 
 For example, consider this hypothetical command-line::
 
-   prog -v --report /tmp/report.txt foo bar
+   prog -v --report report.txt foo bar
 
 ``-v`` and ``--report`` are both options.  Assuming that ``--report``
-takes one argument, ``/tmp/report.txt`` is an option argument.  ``foo`` and
+takes one argument, ``report.txt`` is an option argument.  ``foo`` and
 ``bar`` are positional arguments.
 
 
diff --git a/Doc/library/pipes.rst b/Doc/library/pipes.rst
--- a/Doc/library/pipes.rst
+++ b/Doc/library/pipes.rst
@@ -26,12 +26,12 @@
 Example::
 
    >>> import pipes
-   >>> t=pipes.Template()
+   >>> t = pipes.Template()
    >>> t.append('tr a-z A-Z', '--')
-   >>> f=t.open('/tmp/1', 'w')
+   >>> f = t.open('pipefile', 'w')
    >>> f.write('hello world')
    >>> f.close()
-   >>> open('/tmp/1').read()
+   >>> open('pipefile').read()
    'HELLO WORLD'
 
 
diff --git a/Doc/library/sqlite3.rst b/Doc/library/sqlite3.rst
--- a/Doc/library/sqlite3.rst
+++ b/Doc/library/sqlite3.rst
@@ -18,10 +18,10 @@
 
 To use the module, you must first create a :class:`Connection` object that
 represents the database.  Here the data will be stored in the
-:file:`/tmp/example` file::
+:file:`example.db` file::
 
    import sqlite3
-   conn = sqlite3.connect('/tmp/example')
+   conn = sqlite3.connect('example.db')
 
 You can also supply the special name ``:memory:`` to create a database in RAM.
 
diff --git a/Doc/library/trace.rst b/Doc/library/trace.rst
--- a/Doc/library/trace.rst
+++ b/Doc/library/trace.rst
@@ -201,7 +201,7 @@
    # run the new command using the given tracer
    tracer.run('main()')
 
-   # make a report, placing output in /tmp
+   # make a report, placing output in the current directory
    r = tracer.results()
-   r.write_results(show_missing=True, coverdir="/tmp")
+   r.write_results(show_missing=True, coverdir=".")
 
diff --git a/Doc/library/zipimport.rst b/Doc/library/zipimport.rst
--- a/Doc/library/zipimport.rst
+++ b/Doc/library/zipimport.rst
@@ -16,7 +16,7 @@
 also allows an item of :data:`sys.path` to be a string naming a ZIP file archive.
 The ZIP archive can contain a subdirectory structure to support package imports,
 and a path within the archive can be specified to only import from a
-subdirectory.  For example, the path :file:`/tmp/example.zip/lib/` would only
+subdirectory.  For example, the path :file:`example.zip/lib/` would only
 import from the :file:`lib/` subdirectory within the archive.
 
 Any files may be present in the ZIP archive, but only files :file:`.py` and
@@ -147,8 +147,8 @@
 Here is an example that imports a module from a ZIP archive - note that the
 :mod:`zipimport` module is not explicitly used. ::
 
-   $ unzip -l /tmp/example.zip
-   Archive:  /tmp/example.zip
+   $ unzip -l example.zip
+   Archive:  example.zip
      Length     Date   Time    Name
     --------    ----   ----    ----
         8467  11-26-02 22:30   jwzthreading.py
@@ -157,8 +157,8 @@
    $ ./python
    Python 2.3 (#1, Aug 1 2003, 19:54:32)
    >>> import sys
-   >>> sys.path.insert(0, '/tmp/example.zip')  # Add .zip file to front of path
+   >>> sys.path.insert(0, 'example.zip')  # Add .zip file to front of path
    >>> import jwzthreading
    >>> jwzthreading.__file__
-   '/tmp/example.zip/jwzthreading.py'
+   'example.zip/jwzthreading.py'
 
diff --git a/Doc/tutorial/inputoutput.rst b/Doc/tutorial/inputoutput.rst
--- a/Doc/tutorial/inputoutput.rst
+++ b/Doc/tutorial/inputoutput.rst
@@ -234,12 +234,12 @@
 
 ::
 
-   >>> f = open('/tmp/workfile', 'w')
+   >>> f = open('workfile', 'w')
 
 .. XXX str(f) is <io.TextIOWrapper object at 0x82e8dc4>
 
    >>> print(f)
-   <open file '/tmp/workfile', mode 'w' at 80a0960>
+   <open file 'workfile', mode 'w' at 80a0960>
 
 The first argument is a string containing the filename.  The second argument is
 another string containing a few characters describing the way in which the file
@@ -346,7 +346,7 @@
 the reference point.  *from_what* can be omitted and defaults to 0, using the
 beginning of the file as the reference point. ::
 
-   >>> f = open('/tmp/workfile', 'rb+')
+   >>> f = open('workfile', 'rb+')
    >>> f.write(b'0123456789abcdef')
    16
    >>> f.seek(5)     # Go to the 6th byte in the file
@@ -377,7 +377,7 @@
 suite finishes, even if an exception is raised on the way.  It is also much
 shorter than writing equivalent :keyword:`try`\ -\ :keyword:`finally` blocks::
 
-    >>> with open('/tmp/workfile', 'r') as f:
+    >>> with open('workfile', 'r') as f:
     ...     read_data = f.read()
     >>> f.closed
     True
diff --git a/Misc/ACKS b/Misc/ACKS
--- a/Misc/ACKS
+++ b/Misc/ACKS
@@ -1302,6 +1302,7 @@
 Sue Williams
 Steven Willis
 Frank Willison
+Geoff Wilson
 Greg V. Wilson
 J Derek Wilson
 Paul Winkler
diff --git a/Misc/NEWS b/Misc/NEWS
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -1012,6 +1012,10 @@
 Documentation
 -------------
 
+- Issue #8890: Stop advertising an insecure practice by replacing uses
+  of the /tmp directory with better alternatives in the documentation.
+  Patch by Geoff Wilson.
+
 - Issue #17203: add long option names to unittest discovery docs.
 
 - Issue #13094: add "Why do lambdas defined in a loop with different values

-- 
Repository URL: http://hg.python.org/cpython

More information about the Python-checkins mailing list