>> On Thu, Apr 28, 2011 at 04:20:06PM +0200, Éric Araujo wrote: >> > > if hasattr(os, "symlink") and hasattr(os, "link"): >> > > # For systems that support symbolic and hard links. >> > > if tarinfo.issym(): >> > > + if os.path.exists(targetpath): >> > > + os.unlink(targetpath) >> > >> > Is there a race condition here? >> >> The lock to avoid race conditions (if you were thinking along those >> lines) would usually be implemented at the higher level code which is >> using extractall in threads. > > A lock would only protect only against multi-threaded use of the > tarfile module, which is probably quite rare and therefore not a real > concern. > The kind of race condition which can happen here is if an attacker > creates "targetpath" between os.path.exists and os.unlink. Whether it > is an exploitable flaw would need a detailed analysis, of course. >
Just out of curiosity, could you please elaborate on the potential threat of this? If the "exists" condition is true, targetpath already exists, so what use there is in overwriting it? If the condition is false, unlink isn't executed, so no harm either. What am I missing? Eli _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
