On Thu, Sep 8, 2016 at 1:30 AM, Lawrence D’Oliveiro
wrote:
> On Monday, August 22, 2016 at 4:18:39 PM UTC+12, eryk sun wrote:
>> It would help to consult a reverse-engineered implementation of
>> RtlGetFullPathName_Ustr and RtlIsDosDeviceName_Ustr. I'll check the
>>
On Monday, August 22, 2016 at 4:18:39 PM UTC+12, eryk sun wrote:
> It would help to consult a reverse-engineered implementation of
> RtlGetFullPathName_Ustr and RtlIsDosDeviceName_Ustr. I'll check the
> ReactOS source code.
This
On Fri, Aug 26, 2016 at 11:28 AM, Jon Ribbens wrote:
> On 2016-08-24, Chris Angelico wrote:
>> On Thu, Aug 25, 2016 at 7:00 AM, eryk sun wrote:
>>> I discovered why "Logs/con.txt" isn't working right in Windows 7,
>>> while
On 2016-08-24, Chris Angelico wrote:
> On Thu, Aug 25, 2016 at 7:00 AM, eryk sun wrote:
>> I discovered why "Logs/con.txt" isn't working right in Windows 7,
>> while "Logs/nul.txt" does get redirected correctly to r"\\.\nul".
>> Prior to Windows 8 the console
On Thu, Aug 25, 2016 at 7:00 AM, eryk sun wrote:
> I discovered why "Logs/con.txt" isn't working right in Windows 7,
> while "Logs/nul.txt" does get redirected correctly to r"\\.\nul".
> Prior to Windows 8 the console doesn't use an NT device, so the base
> API has a function
On Mon, Aug 22, 2016 at 5:24 PM, Chris Angelico wrote:
> On Tue, Aug 23, 2016 at 3:13 AM, eryk sun wrote:
>> On Mon, Aug 22, 2016 at 4:18 PM, Chris Angelico wrote:
>>>
The CON device should work if the process is attached to a console
On 08/19/2016 06:11 PM, Wildman via Python-list wrote:
Since I am fairly new to Python, I realize there is much that I
still don't know but I don't understand how Windows can have
reserved names on a Linux system. What am I missing?
A PureWindowsPath (and PurePosixPath and PurePath) is a
On Mon, 22 Aug 2016 17:27:13 +, Jon Ribbens wrote:
> On 2016-08-22, Chris Angelico wrote:
>> I tried things like "con.txt" and it simply failed (no such file or
>> directory), without printing anything to the console.
>
> I'm not sure how you got that to fail, but writing
On 2016-08-22, Steve D'Aprano wrote:
> I'm not really sure what the question is -- we've established that there's a
> bug in the non-Windows implementation that tries to emulate Window's
> behaviour. What else is there to argue about?
It doesn't seem to be "the
On Tue, 23 Aug 2016 03:13 am, eryk sun wrote:
> But if they open files
> like "C:\Users\JoeUser\Documents\Nul.20160822.doc", I want to make
> sure they know that they just asked to save to "\\.\NUL". It's not a
> common problem. I just find the system's behavior abhorrent. I'd like
> to have a
On Tue, Aug 23, 2016 at 3:32 AM, Tim Chase
wrote:
> On 2016-08-23 02:20, Chris Angelico wrote:
>> It generally will (or rather, only if the file has one of a
>> particular set of extensions). Automatic thumbnailing is usually
>> done only for certain file names. I
On 2016-08-22, Steve D'Aprano wrote:
> On Mon, 22 Aug 2016 09:50 pm, Jon Ribbens wrote:
>> I don't know what purpose you are envisaging this function being used
>> for, but the only one I can think of is input sanitisation. e.g. a web
>> form where you receive a file
On 2016-08-22 22:39, Chris Angelico wrote:
> Nope. On Windows, you would try/except it. There are myriad other
> ways something could fail, and the only correct action is to
> attempt it. Most of the reserved names will simply give an error;
The problem is that when opening such a pseudo-file,
On 2016-08-23 02:20, Chris Angelico wrote:
> It generally will (or rather, only if the file has one of a
> particular set of extensions). Automatic thumbnailing is usually
> done only for certain file names. I don't know of anything that
> opens every single file to see if it has a JFIF signature
On 2016-08-22, Chris Angelico wrote:
> I tried things like "con.txt" and it simply failed (no such file or
> directory), without printing anything to the console.
I'm not sure how you got that to fail, but writing to "con.txt"
certainly does write to the console in Windows 10 -
On Tue, Aug 23, 2016 at 3:13 AM, eryk sun wrote:
> On Mon, Aug 22, 2016 at 4:18 PM, Chris Angelico wrote:
>>
>>> The CON device should work if the process is attached to a console
>>> (i.e. a conhost.exe instance).
>>
>> No, I used Pike (to avoid any
On Mon, Aug 22, 2016 at 4:18 PM, Chris Angelico wrote:
>
>> The CON device should work if the process is attached to a console
>> (i.e. a conhost.exe instance).
>
> No, I used Pike (to avoid any specifically-Python issues or
> protections) running in a console. Attempting to
On Mon, Aug 22, 2016 at 3:40 PM, Chris Angelico wrote:
> Windows has some other issues, including that arbitrary files can
> become executable very easily (eg if %PATHEXT% includes its file
> extension),
cmd uses PATHEXT to augment its search by appending each extension in
the
On Tue, Aug 23, 2016 at 1:56 AM, Random832 wrote:
>> And any GUI that automatically calculates thumbnails from
>> image files (this includes Windows, Mac OS, and more than one Linux
>> window manager) could potentially be attacked via a malformed file,
>> simply by having
On Tue, Aug 23, 2016 at 1:54 AM, eryk sun wrote:
> On Mon, Aug 22, 2016 at 1:17 PM, Chris Angelico wrote:
>> I tried things like "con.txt" and it simply failed (no such file or
>> directory), without printing anything to the console.
>
> Are you using IDLE or
On Mon, Aug 22, 2016, at 11:40, Chris Angelico wrote:
> Windows has some other issues, including that arbitrary files can
> become executable very easily (eg if %PATHEXT% includes its file
> extension), and since the current directory is always at the beginning
> of your path, this can easily turn
On Mon, Aug 22, 2016 at 1:17 PM, Chris Angelico wrote:
> I tried things like "con.txt" and it simply failed (no such file or
> directory), without printing anything to the console.
Are you using IDLE or some other IDE that uses pythonw.exe instead of
python.exe? If so, first
On Tue, Aug 23, 2016 at 12:21 AM, Ben Finney wrote:
>
> So yes, filenames from arbitrary sources should be *completely*
> untrusted, and never used to access any file on the system. Throw the
> entire filename away and make a filename locally, without using any part
>
On Tue, Aug 23, 2016 at 12:34 AM, Random832 wrote:
> On Mon, Aug 22, 2016, at 10:21, Ben Finney wrote:
>> So yes, filenames from arbitrary sources should be *completely*
>> untrusted, and never used to access any file on the system. Throw the
>> entire filename away and
On 2016-08-23 00:21, Ben Finney wrote:
> So yes, filenames from arbitrary sources should be *completely*
> untrusted, and never used to access any file on the system. Throw
> the entire filename away and make a filename locally, without using
> any part of the original name.
Sadly, this ideal
On Mon, Aug 22, 2016, at 10:21, Ben Finney wrote:
> So yes, filenames from arbitrary sources should be *completely*
> untrusted, and never used to access any file on the system. Throw the
> entire filename away and make a filename locally, without using any part
> of the original name.
To be
Chris Angelico writes:
> […] to be honest, I wouldn't accept file names from untrusted sources
> on *any* system […]
That's one of the wiser things said in this whole thread.
> I'd use arbitrary numbers or hashes as the file names, and store the
> originally-submitted file
On Mon, 22 Aug 2016 10:56 pm, Random832 wrote:
> On Mon, Aug 22, 2016, at 08:39, Chris Angelico wrote:
>> Nope. On Windows, you would try/except it.
>
> No, you can't, because the failure mode often isn't "file refuses to
> open" but "data is written to a serial port".
Ah, that's a good point.
On Mon, 22 Aug 2016 09:50 pm, Jon Ribbens wrote:
> On 2016-08-22, Chris Angelico wrote:
>> On Mon, Aug 22, 2016 at 8:33 PM, Jon Ribbens
>> wrote:
>>> On 2016-08-22, Steve D'Aprano wrote:
On Mon, 22 Aug 2016 10:38 am,
On Mon, Aug 22, 2016 at 10:56 PM, Random832 wrote:
>> Most of the reserved names will simply give an error; the only way
>> you'd actually get incorrect behaviour is if the file name, including
>> extension, is exactly a device name.
>
> I think the reason you believe this
On Mon, Aug 22, 2016 at 12:39 PM, Chris Angelico wrote:
>
> Nope. On Windows, you would try/except it. There are myriad other ways
No, I would not rely on exceptions in this case. Both \\.\CON and
\\.\NUL can be opened for both reading and writing, so you may not
detect the
On Mon, Aug 22, 2016, at 08:39, Chris Angelico wrote:
> Nope. On Windows, you would try/except it.
No, you can't, because the failure mode often isn't "file refuses to
open" but "data is written to a serial port".
There are myriad other ways
> something could fail, and the only correct action
On Mon, Aug 22, 2016 at 9:50 PM, Jon Ribbens wrote:
> On 2016-08-22, Chris Angelico wrote:
>> On Mon, Aug 22, 2016 at 8:33 PM, Jon Ribbens
>> wrote:
>>> On 2016-08-22, Steve D'Aprano wrote:
explanation of the problem?
>
> That seems a rather unnecessarily harsh response.
Eryksun bought into Lawrence's over-the-top rhetorical question "does this
scare you?" by answering "Yes", and repeating the ridiculous term "scary".
He specifically said that it s
On 2016-08-22, Chris Angelico wrote:
> On Mon, Aug 22, 2016 at 8:33 PM, Jon Ribbens
> wrote:
>> On 2016-08-22, Steve D'Aprano wrote:
>>> On Mon, 22 Aug 2016 10:38 am, eryk sun wrote:
To me it's scary that this check
On Mon, Aug 22, 2016 at 8:33 PM, Jon Ribbens wrote:
> On 2016-08-22, Steve D'Aprano wrote:
>> On Mon, 22 Aug 2016 10:38 am, eryk sun wrote:
>>> To me it's scary that this check misses cases because it's trying to
>>> be cross-platform
On 2016-08-22, Steve D'Aprano wrote:
> On Mon, 22 Aug 2016 10:38 am, eryk sun wrote:
>> To me it's scary that this check misses cases because it's trying to
>> be cross-platform instead of simply relying on GetFullPathName to do
>> the work. For example, it misses at
On Mon, Aug 22, 2016 at 1:26 AM, Chris Angelico wrote:
> They're specifically documented as not touching any file system, which
> means that they are cross-platform and cannot be guaranteed to be
> perfect. If you know you're running on Windows, use WindowsPath
> instead (trying
On 8/21/2016 9:08 PM, eryk sun wrote:
On Mon, Aug 22, 2016 at 12:44 AM, Chris Angelico wrote:
"Trying to be" cross-platform? The point of these path modules is to
*be* cross-platform. I can't call Windows APIs on my Linux box (short
of messing around with VMs or Wine or
On Mon, Aug 22, 2016 at 11:08 AM, eryk sun wrote:
> On Mon, Aug 22, 2016 at 12:44 AM, Chris Angelico wrote:
>> "Trying to be" cross-platform? The point of these path modules is to
>> *be* cross-platform. I can't call Windows APIs on my Linux box (short
>> of
On Mon, 22 Aug 2016 10:38 am, eryk sun wrote:
> To me it's scary that this check misses cases because it's trying to
> be cross-platform instead of simply relying on GetFullPathName to do
> the work. For example, it misses at least the following cases:
Instead of shaking in your boots over a
On Mon, Aug 22, 2016 at 12:44 AM, Chris Angelico wrote:
> "Trying to be" cross-platform? The point of these path modules is to
> *be* cross-platform. I can't call Windows APIs on my Linux box (short
> of messing around with VMs or Wine or something, which are
> dependencies that
On Mon, Aug 22, 2016 at 10:38 AM, eryk sun wrote:
> To me it's scary that this check misses cases because it's trying to
> be cross-platform instead of simply relying on GetFullPathName to do
> the work.
"Trying to be" cross-platform? The point of these path modules is to
*be*
On Sun, Aug 21, 2016 at 8:03 PM, Michael Torrie wrote:
> On 08/19/2016 05:42 PM, Lawrence D’Oliveiro wrote:
>> Python 3.5.2+ (default, Aug 5 2016, 08:07:14)
>> [GCC 6.1.1 20160724] on linux
>> Type "help", "copyright", "credits" or "license" for more information.
On 08/19/2016 05:42 PM, Lawrence D’Oliveiro wrote:
> Python 3.5.2+ (default, Aug 5 2016, 08:07:14)
> [GCC 6.1.1 20160724] on linux
> Type "help", "copyright", "credits" or "license" for more information.
> >>> from pathlib import PureWindowsPath
> >>>
On Sat, 20 Aug 2016 11:20:44 +1000, Chris Angelico wrote:
> On Sat, Aug 20, 2016 at 11:11 AM, Wildman via Python-list
> wrote:
>> Since I am fairly new to Python, I realize there is much that I
>> still don't know but I don't understand how Windows can have
>> reserved
On Sat, Aug 20, 2016 at 11:11 AM, Wildman via Python-list
wrote:
> Since I am fairly new to Python, I realize there is much that I
> still don't know but I don't understand how Windows can have
> reserved names on a Linux system. What am I missing?
The PureWindowsPath
On Sat, 20 Aug 2016 10:57:37 +1000, Chris Angelico wrote:
> On Sat, Aug 20, 2016 at 9:42 AM, Lawrence D’Oliveiro
> wrote:
>> Python 3.5.2+ (default, Aug 5 2016, 08:07:14)
>> [GCC 6.1.1 20160724] on linux
>> Type "help", "copyright", "credits" or "license" for
On Sat, Aug 20, 2016 at 9:42 AM, Lawrence D’Oliveiro
wrote:
> Python 3.5.2+ (default, Aug 5 2016, 08:07:14)
> [GCC 6.1.1 20160724] on linux
> Type "help", "copyright", "credits" or "license" for more information.
> >>> from pathlib import PureWindowsPath
>
Python 3.5.2+ (default, Aug 5 2016, 08:07:14)
[GCC 6.1.1 20160724] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from pathlib import PureWindowsPath
>>> PureWindowsPath("prn").is_reserved()
True
>>>
50 matches
Mail list logo