New submission from Mart Sõmermaa :
Proposal
Add update_query_params() for updating or adding URL query parameters to
urllib.parse and urlparse.
Discussion
--
Python-dev:
http://mail.python.org/pipermail/python-dev/2009-April/088675.html
Previously in Python-ideas:
http
Mart Sõmermaa added the comment:
> This is the 2.6 version. What about the 3.0 version in
> http://docs.python.org/3.0/reference/datamodel.html#object.__lt__
> needs to be updated?
When functools.total_ordering (whether it lands in functools is open)
lands that section should be amend
Mart Sõmermaa added the comment:
> Then why was this classified as a documentation issue?
As the documentation section of
http://docs.python.org/reference/datamodel.html#object.__lt__ needs to
be updated as well to mark the eventual solution as the recommended easy
way to provide to
New submission from Mart Sõmermaa :
See http://mail.python.org/pipermail/python-dev/2009-March/087000.html
and http://code.activestate.com/recipes/576685/ .
--
assignee: georg.brandl
components: Documentation, Library (Lib)
messages: 83490
nosy: georg.brandl, mrts, rhettinger
severity
Mart Sõmermaa added the comment:
A pointer for people who keep referring to this bug -- after
discussions, the following idiom was selected as the "official" way to
import modules by name in 2.x (as seen in latest 2.x docs
http://docs.python.org/dev/library/functions.html#__import__ )
Mart Sõmermaa added the comment:
Replying to previous comment:
> There's no way to do the "check inode then remove" sequence atomically.
Right, although the attack window would be tiny, this is not a real
solution.
___
Pyt
Mart Sõmermaa added the comment:
Antoine, what if we add another function, rmtree_safe() that uses
chdir() and document that it is protected from the race condition but
may have the side effect of changing the current dir in threaded
environment?
___
Python
Mart Sõmermaa added the comment:
Fixed a minor bug in test script and added Perl test as well.
Perl with File-Path-2.07 passes the test.
Added file: http://bugs.python.org/file12485/test_issue4489.sh
___
Python tracker
<http://bugs.python.org/issue4
Changes by Mart Sõmermaa :
Removed file: http://bugs.python.org/file12483/test_issue4489.sh
___
Python tracker
<http://bugs.python.org/issue4489>
___
___
Python-bug
Mart Sõmermaa added the comment:
A blunt, ineffective solution would be to walk the tree before removing
it and recording path : inode pairs in a dict on first pass and then
checking that the inodes have not changed during removal on second pass.
If no clever bulletproof fix emerges, perhaps
Mart Sõmermaa added the comment:
Aha, got it -- while removing /a/b/c/d, there's no easy way to detect
that b or c has become a symlink.
I.e.
given directory tree
a
`-- b
|-- c
`-- d
1. os.rmdir('/a/b/c') succeeds
2. execution is suspended
3. '/a/b' is made
Mart Sõmermaa added the comment:
And here's the diff so you can review what I was up to.
Note that this does not yet fix the problem (although the logic looks
about right), I have to examine the problem more thoroughly.
--
keywords: +patch
Added file: http://bugs.python.org/file
Changes by Mart Sõmermaa :
Added file: http://bugs.python.org/file12483/test_issue4489.sh
___
Python tracker
<http://bugs.python.org/issue4489>
___
___
Python-bugs-list m
Mart Sõmermaa added the comment:
Ah, right you are. Attaching an initial alpha-quality patched shutil.py
and a script to test the attack.
Run the script by sourcing it with . test_issue4489.sh, not by executing
(job control won't work in this case).
Added file: http://bugs.pytho
Mart Sõmermaa added the comment:
> Mmmh, the problem with Perl's approach is that it changes the current
> working directory (calls to chdir()), which is process-specific and not
> thread-specific. Currently, no function in shutil changes the current
> working directory
Mart Sõmermaa added the comment:
A shameless copy of the Perl fix for the bug
http://bugs.debian.org/286922 looks like the evident solution.
Somebody has to examine the fix though, I'm afraid I'm not currently
able to do it.
___
Python trac
Mart Sõmermaa <[EMAIL PROTECTED]> added the comment:
Brett, don't you think the
>>> import sys
>>> __import__('x.y.z')
>>> mod = sys.modules['x.y.z']
idiom should be recommended instead of/additionally to the lengthy
getattr() on
New submission from Mart Sõmermaa <[EMAIL PROTECTED]>:
Race condition in the rmtree function in the shutils module allows local
users to delete arbitrary files and directories via a symlink attack.
See also http://bugs.debian.org/286922
Attack:
---
# emulate removing /etc
$ sudo cp -
Mart Sõmermaa <[EMAIL PROTECTED]> added the comment:
Also, the examples that clarify __import__ behaviour by Nick Coghlan
should be added:
http://mail.python.org/pipermail/python-dev/2008-November/083735.html
---
"from foo.bar import baz" >
= __import__('foo
Changes by Mart Sõmermaa <[EMAIL PROTECTED]>:
--
components: -Interpreter Core
title: Add an easy way to __import___ submodules -> Given a module hierarchy
string 'a.b.c', add an easy way to import tail module 'c'
_
Mart Sõmermaa <[EMAIL PROTECTED]> added the comment:
Note that the hack described in http://bugs.python.org/issue2090 should
be disabled once this gets integrated.
___
Python tracker <[EMAIL PROTECTED]>
<http://bugs.pytho
Mart Sõmermaa <[EMAIL PROTECTED]> added the comment:
Implement imp.import_module() instead. See
http://mail.python.org/pipermail/python-dev/2008-November/083758.html
Added file: http://bugs.python.org/file12147/imp_import_module.diff
___
Python t
Mart Sõmermaa <[EMAIL PROTECTED]> added the comment:
See also
http://mail.python.org/pipermail/python-dev/2008-November/083727.html
___
Python tracker <[EMAIL PROTECTED]>
<http://bugs.pytho
Mart Sõmermaa <[EMAIL PROTECTED]> added the comment:
Corrections and clarifications:
* I'd say labeling the patch naive and "breaking things" was misleading
(there was a breakage that resulted from stale files with incorrect
permissions from my previous build of Pyt
Mart Sõmermaa <[EMAIL PROTECTED]> added the comment:
Just a note that `make test` passes:
322 tests OK.
38 tests skipped:
test_aepack test_al test_applesingle test_bsddb test_bsddb185
test_bsddb3 test_cd test_cl test_codecmaps_cn test_codecmaps_hk
test_codecmaps_jp test_codecm
Mart Sõmermaa <[EMAIL PROTECTED]> added the comment:
Attached is a naive proof-of-concept implementation (that breaks things,
i.e. the real implementation should strive for better
general compatibility), but works as expected:
>>> __import__('imprt.foo.foo', submodu
Mart Sõmermaa <[EMAIL PROTECTED]> added the comment:
See also http://bugs.python.org/issue4438
___
Python tracker <[EMAIL PROTECTED]>
<http://bugs.pytho
Mart Sõmermaa <[EMAIL PROTECTED]> added the comment:
Just for reference, the simplest workaround is to use:
modname = "foo.bar.baz.baq"
mod = __import__(modname, {}, {}, [modname.rsplit(".", 1)[-1]])
--
nosy: +mrts
New submission from Mart Sõmermaa <[EMAIL PROTECTED]>:
The need to dynamically import module foo given a module name string
'bar.baz.foo' is quite common.
Quite often, the hack described in http://bugs.python.org/issue2090 is
used (see e.g. the Google code results linke
Mart Sõmermaa <[EMAIL PROTECTED]> added the comment:
I propose we add the following to that section as well.
If you need to provide access to a queue from both local and remote
processes, use `multiprocessing.Queue` in the server:
>>> from multiprocessing import Process,
Mart Sõmermaa <[EMAIL PROTECTED]> added the comment:
Also, it would be helpful to elaborate a bit more on:
major:
* how to implement a queue that is shared both locally and remotely
(i.e. n local processes access the queue as well as m remote processes)
minor:
* blocking (assumption:
Mart Sõmermaa <[EMAIL PROTECTED]> added the comment:
The documentation should be amended as follows:
Running the following commands creates a server for a single shared
queue which remote clients can access:
>>> from multiprocessing.managers import BaseManager
>>>
32 matches
Mail list logo
