New submission from Марк Коренберг: 1. Please see last comments/patches for issue8052 2. Not closing some descriptos is security breach (PEP-0446 describes that)
================= Calling getdents()/readdir64() repeatedly while closing descriptors provides unexpected behaviour. Reading directory while it modified is not safe by default. For example: http://en.it-usenet.org/thread/18514/15719/. So, we should re-open directory if we received full array of structures. I don't know if just lseek(dirfd, 0) sufficies. Please reopen bug, as Linux behaviour of stable reading /proc/<pid>/fd may be broken in future without any error at python side (!) (typically, second call returns empty list if dir was modified) ================= Also, please check exit code of getdents() instead of just ignoring error and NOT closing file descriptors. ================= P.S. Please set affected python versions... ---------- components: Library (Lib) messages: 214100 nosy: mmarkk priority: normal severity: normal status: open title: Calling getdents()/readdir64() repeatedly while closing descriptors provides unexpected behaviour. type: security _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue20979> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
