Antoine Pitrou wrote:
On Wed, 20 Mar 2019 11:25:53 +1300
Greg Ewing wrote:
So use NamedTemporaryFile(delete = False) and close it before passing
it to the other program.
How is it more secure than using mktemp()?
It's not, but it solves the problem someone suggested of another
program not
> On Mar 20, 2019, at 6:07 PM, Victor Stinner wrote:
>
> what's the rationale of this backward incompatible change?
Please refrain from abusive mischaracterizations. It is only backwards
incompatible if there was a guaranteed behavior. Whether there was or not is
what this thread is about.
On Mon, 18 Mar 2019 at 23:41, Raymond Hettinger wrote:
> The code in the current 3.8 alpha differs from 3.7 in that it removes
> attribute sorting and instead preserves the order the user specified when
> creating an element. As far as I can tell, there is no objection to this as
> a featur
> On Mar 20, 2019, at 5:22 PM, Victor Stinner wrote:
>
> I don't understand why such simple solution has been rejected.
It hasn't been rejected. That is above my pay grade. Stefan and I recommended
against going down this path. However, since you're in disagreement and have
marked this as a
On Thu, 21 Mar 2019 at 01:30, Raymond Hettinger wrote:
> There's no preaching and no judgment. We can't have a conversation though if
> we can't state the crux of the problem: some existing tests in third-party
> modules depend on the XML serialization being byte-for-byte identical
> foreve
> On Mar 19, 2019, at 4:53 AM, Ned Batchelder wrote:
>
> None of this is impossible, but please try not to preach to us maintainers
> that we are doing it wrong, that it will be easy to fix, etc
There's no preaching and no judgment. We can't have a conversation though if
we can't state the
Hi,
On Mon, 18 Mar 2019 at 23:41, Raymond Hettinger wrote:
> We're having a super interesting discussion on
> https://bugs.python.org/issue34160 . It is now marked as a release blocker
> and warrants a broader discussion.
Thanks for starting a thread on python-dev. I'm the one who raised t
> On Mar 20, 2019, at 3:59 PM, Ethan Furman wrote:
>
> Hmm. Said somewhat less snarkily, is there a more general solution to the
> problem of absent docstrings or do we have to attack this problem
> piece-by-piece?
I think this is the last piece. The pydoc help() utility already knows how
> On Mar 20, 2019, at 3:47 PM, Ivan Pozdeev via Python-Dev
> wrote:
>
>> NormalDist.mu.__doc__ = 'Arithmetic mean'
>> NormalDist.sigma.__doc__ = 'Standard deviation'
>
> IMO this is another manifestation of the problem that things in the class
> definition have no access to the class object.
On 03/20/2019 03:24 PM, Ethan Furman wrote:
On 03/19/2019 11:55 AM, Raymond Hettinger wrote:
There's another way I would like to propose. The __slots__
definition already works with any iterable including a
dictionary (the dict values are ignored), so we could use the
values for the docst
> On Mar 20, 2019, at 3:30 PM, Gregory P. Smith wrote:
>
> I like the idea of documenting attributes, but we shouldn't force the user to
> use __slots__ as that has significant side effects and is rarely something
> people should bother to use.
Member objects are like property objects in tha
Before we can say if something is "secure" or not, we need a threat model -- i.e. we need to agree which use cases we are protecting and from
what threats.
So far, I've seen these use cases:
1. File for the current process' private use
2. File/file name generated by the current process; written
On 19.03.2019 21:55, Raymond Hettinger wrote:
I'm working on ways to improve help() by giving docstrings to member
objects.
One way to do it is to wait until after the class definition and then make
individual, direct assignments to __doc__ attributes. This way widely
separates docstr
(answers above and below the quoting)
I like the idea of documenting attributes, but we shouldn't force the user
to use __slots__ as that has significant side effects and is rarely
something people should bother to use. There are multiple types of
attributes: class and instance. But regardless
On 03/19/2019 11:55 AM, Raymond Hettinger wrote:
I'm working on ways to improve help() by giving docstrings
to member objects.
Cool!
There's another way I would like to propose. The __slots__
definition already works with any iterable including a
dictionary (the dict values are igno
On Wed, 20 Mar 2019 11:25:53 +1300
Greg Ewing wrote:
> Antoine Pitrou wrote:
> > Does it always work? According to the docs, """Whether the name can be
> > used to open the file a second time, while the named temporary file is
> > still open, varies across platforms
>
> So use NamedTemporaryFil
Victor Stinner:
> To be clear: mktemp() is vulnerable by design
No: mktemp() is vulnerable by implementation. Specifically, returning a file
name in a world-accessible location, /tmp.
regards, Anders
___
Python-Dev mailing list
Python-Dev@python.org
Steven D'Aprano:
>> 128 bits seems like overkill: There's no birthday attack because
>> no-one keeps 2^(ENTROPY_BITS/2) files around
> You haven't seen my Downloads folder... :-)
I put it to you that those files are not temporary :-)
> Why be so miserly with entropy?
I don't necessarily disagre
On Wed, Mar 20, 2019 at 12:45:40PM +0100, Victor Stinner wrote:
> Hi,
>
> I'm not really convinced that mktemp() should be made "more secure".
> To be clear: mktemp() is vulnerable by design. It's not a matter of
> entropy. You can watch the /tmp directory using inotify and "discover"
> immediatel
On 2019-03-20 12:45, Victor Stinner wrote:
You can watch the /tmp directory using inotify and "discover"
immediately the "secret" filename, it doesn't depend on the amount of
entropy used to generate the filename.
That's not the problem. The security issue here is guessing the filename
*before
On Wed, Mar 20, 2019 at 11:25:03AM +, Anders Munch wrote:
> 128 bits seems like overkill: There's no birthday attack because no-one keeps
> 2^(ENTROPY_BITS/2) files around,
You haven't seen my Downloads folder... :-)
But seriously:
> and the attack is running on the attackee's
> system, so
Hi,
I'm not really convinced that mktemp() should be made "more secure".
To be clear: mktemp() is vulnerable by design. It's not a matter of
entropy. You can watch the /tmp directory using inotify and "discover"
immediately the "secret" filename, it doesn't depend on the amount of
entropy used to
Nathaniel J. Smith:
> Historically, mktemp variants have caused *tons* of serious security
> vulnerabilities. It's not a theoretical issue.
All the more reason to have a standard library function that gets it right.
> The choice of ENTROPY_BYTES is an interesting question. 16 (= 128 bits) would
>
On 3/20/19, Anders Munch wrote:
>
> You are right, I must have mentally reversed the polarity of the delete
> argument. And I didn't realise that the access right on a file had the
> power to prevent itself from being removed from the folder that it's in. I
> thought the access flags were a prop
Anders Munch:
>>> So use NamedTemporaryFile(delete = False) and close it before passing it to
>>> the other program.
>> That's effectively the same as calling tempfile.mktemp. While it does
>> waste time opening and closing an unused file, that doesn't help with
>> security
Sebastian Rittau:
>
On 20.03.19 at 09:47 Anders Munch wrote:
Greg Ewing:
So use NamedTemporaryFile(delete = False) and close it before passing it to the
other program.
That's effectively the same as calling tempfile.mktemp. While it does waste
time opening and closing an unused file, that doesn't help with
Greg Ewing:
> So use NamedTemporaryFile(delete = False) and close it before passing it to
> the other program.
That's effectively the same as calling tempfile.mktemp. While it does waste
time opening and closing an unused file, that doesn't help with security. If
anything, it might worsen se
19.03.19 15:39, Antoine Pitrou wrote:
The fact that many projects, including well-maintained ones such Sphinx
or pip, use mktemp(), may be a hint that replacing it is not as easy as
the people writing the Python documentation seem to think.
Sorry, it was my mistake (searching mkdir instead of mk
19.03.19 16:21, Paul Ganssle wrote:
I'm not sure the relationship with mkdir and mktemp here. I don't see
any uses of tempfile.mktemp in pip or setuptools, though they do use
os.mkdir (which is not deprecated).
Both pip and setuptools use pytest's tmpdir_factory.mktemp() in their
test suites, but
19.03.19 20:55, Raymond Hettinger wrote:
I'm working on ways to improve help() by giving docstrings to member
objects.
One way to do it is to wait until after the class definition and then make
individual, direct assignments to __doc__ attributes. This way widely
separates docstrings f