Mirror
/
cpython
mirror of https://github.com/python/cpython
4
1
Fork 0
Code Issues Releases Wiki Activity

merge 3.2

This commit is contained in:
Benjamin Peterson 2011-05-20 11:42:47 -05:00
parent 6071359de1 c7dd737ef7
commit 7f071e6e9f
1 changed files with 20 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
Doc/library/os.rst
View File

@ -1346,7 +1346,26 @@ Files and Directories
Using :func:`access` to check if a user is authorized to e.g. open a file Using :func:`access` to check if a user is authorized to e.g. open a file
before actually doing so using :func:`open` creates a security hole, before actually doing so using :func:`open` creates a security hole,
because the user might exploit the short time interval between checking because the user might exploit the short time interval between checking
and opening the file to manipulate it. and opening the file to manipulate it. It's preferable to use :term:`EAFP`
techniques. For example::
if os.access("myfile", os.R_OK):
with open("myfile") as fp:
return fp.read()
return "some default data"
is better written as::
try:
fp = open("myfile")
except OSError as e:
if e.errno == errno.EACCESS:
return "some default data"
# Not a permission error.
raise
else:
with fp:
return fp.read()
.. note:: .. note::