[Python-Dev] Security implications of pep 383
Glenn Linderman
v+python at g.nevcal.com
Tue Mar 29 22:00:51 CEST 2011
On 3/29/2011 12:10 PM, Toshio Kuratomi wrote:
> The possible flaw in python is this: Code like the blog poster wrote passes
> python3 without an error or a warning. This gives the programmer no
> feedback that they're doing something wrong until it actually bites them in
> the foot in deployed code.
Yes there is a certain level of knowledge required of the system
configuration and python defaults for accessing the system for things
like filenames. It can be coded in any of several ways.
But by the above definition of "possible flaw", that seems equivalent to
saying that Python should give a warning for things like
os.unlink("my-most-important-file.doc")
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-dev/attachments/20110329/3b21fb29/attachment.html>
More information about the Python-Dev
mailing list