mirror of https://github.com/python/cpython
gh-118486: Update docs for CVE-2024-4030 reference (GH-118737)
Update docs for CVE-2024-4030 reference
This commit is contained in:
parent
632682c0c2
commit
d86b494117
|
@ -847,6 +847,12 @@ os
|
||||||
:c:func:`!posix_spawn_file_actions_addclosefrom_np`.
|
:c:func:`!posix_spawn_file_actions_addclosefrom_np`.
|
||||||
(Contributed by Jakub Kulik in :gh:`113117`.)
|
(Contributed by Jakub Kulik in :gh:`113117`.)
|
||||||
|
|
||||||
|
* :func:`os.mkdir` and :func:`os.makedirs` on Windows now support passing a
|
||||||
|
*mode* value of ``0o700`` to apply access control to the new directory. This
|
||||||
|
implicitly affects :func:`tempfile.mkdtemp` and is a mitigation for
|
||||||
|
:cve:`2024-4030`. Other values for *mode* continue to be ignored.
|
||||||
|
(Contributed by Steve Dower in :gh:`118486`.)
|
||||||
|
|
||||||
os.path
|
os.path
|
||||||
-------
|
-------
|
||||||
|
|
||||||
|
@ -989,6 +995,14 @@ sys
|
||||||
This function is not guaranteed to exist in all implementations of Python.
|
This function is not guaranteed to exist in all implementations of Python.
|
||||||
(Contributed by Serhiy Storchaka in :gh:`78573`.)
|
(Contributed by Serhiy Storchaka in :gh:`78573`.)
|
||||||
|
|
||||||
|
tempfile
|
||||||
|
--------
|
||||||
|
|
||||||
|
* On Windows, the default mode ``0o700`` used by :func:`tempfile.mkdtemp` now
|
||||||
|
limits access to the new directory due to changes to :func:`os.mkdir`. This
|
||||||
|
is a mitigation for :cve:`2024-4030`.
|
||||||
|
(Contributed by Steve Dower in :gh:`118486`.)
|
||||||
|
|
||||||
time
|
time
|
||||||
----
|
----
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,4 @@
|
||||||
|
:func:`os.mkdir` on Windows now accepts *mode* of ``0o700`` to restrict
|
||||||
|
the new directory to the current user. This fixes :cve:`2024-4030`
|
||||||
|
affecting :func:`tempfile.mkdtemp` in scenarios where the base temporary
|
||||||
|
directory is more permissive than the default.
|
Loading…
Reference in New Issue