add example for not using access
This commit is contained in:
parent
52f63eabeb
commit
30e10d8114
|
@ -916,7 +916,26 @@ Files and Directories
|
|||
Using :func:`access` to check if a user is authorized to e.g. open a file
|
||||
before actually doing so using :func:`open` creates a security hole,
|
||||
because the user might exploit the short time interval between checking
|
||||
and opening the file to manipulate it.
|
||||
and opening the file to manipulate it. It's preferable to use :term:`EAFP`
|
||||
techniques. For example::
|
||||
|
||||
if os.access("myfile", os.R_OK):
|
||||
with open("myfile") as fp:
|
||||
return fp.read()
|
||||
return "some default data"
|
||||
|
||||
is better written as::
|
||||
|
||||
try:
|
||||
fp = open("myfile")
|
||||
except OSError as e:
|
||||
if e.errno == errno.EACCESS:
|
||||
return "some default data"
|
||||
# Not a permission error.
|
||||
raise
|
||||
else:
|
||||
with fp:
|
||||
return fp.read()
|
||||
|
||||
.. note::
|
||||
|
||||
|
|
Loading…
Reference in New Issue