Commit 249b508c authored by Benjamin Peterson's avatar Benjamin Peterson

add example for not using access

parent 261d855f
......@@ -772,7 +772,26 @@ Files and Directories
Using :func:`access` to check if a user is authorized to e.g. open a file
before actually doing so using :func:`open` creates a security hole,
because the user might exploit the short time interval between checking
and opening the file to manipulate it.
and opening the file to manipulate it. It's preferable to use :term:`EAFP`
techniques. For example::
if os.access("myfile", os.R_OK):
with open("myfile") as fp:
return fp.read()
return "some default data"
is better written as::
try:
fp = open("myfile")
except OSError as e:
if e.errno == errno.EACCESS:
return "some default data"
# Not a permission error.
raise
else:
with fp:
return fp.read()
.. note::
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment