E. Paine <paineeli...@gmail.com> added the comment:
> Most of them are in tests. There is no security issue there TBH, I don't know enough about the exploit to comment, but it seems that the tempfile tests take this seriously (Lib/test/test_tempfile.py:782 "For safety, all use of mktemp must occur in a private directory.") > distutils and msilib are dropped Is this wise? As you noted, PEP 594 and PEP 632 have yet to be approved (in which case, should we not still be looking at these modules, particularly as PEP 594 has been around for a while). > if someone wants to fix pydoc I am currently drafting a PR which will replace it with `NamedTemporaryFile` (and while we're at it, replace the `os.system` call with `subprocess.run`) ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue42278> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
