> Hello, > > The tempfile.mktemp function uses os.path.exists to test whether a file > already exists. Since this returns false for broken symbolic links, > wouldn't it be better if the function would actually do an os.lstat on > the filename? > > I know the function is not safe by definition, but this issue could > (with a low probability) cause the file to actually be created in > another directory, as the non-existent target of the symlink, instead of > in the given directory (the one in which the symlink resides). > > Regards, > Iustin Pop Sounds like a good suggestion; I'll see if I can check something in. (However, given that there already exists an attack on this function, does fixing this actually make any difference?) --Guido van Rossum (home page: http://www.python.org/~guido/)
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4