gh-121999: Change default tarfile filter to 'data' #122002
Conversation
WilliamRoyNelson commented Jul 19, 2024 • edited by picnixz
ghost commented Jul 19, 2024 • edited by ghost
Most changes to Python require a NEWS entry. Add one using the blurb_it web app or the blurb command-line tool. If this change has little impact on Python users, wait for a maintainer to apply the
ZeroIntensity commented Jul 19, 2024
CC @encukou, as this is PEP 706.
Co-authored-by: Tomas R <tomas.roun8@gmail.com>
Misc/NEWS.d/next/Core_and_Builtins/2024-07-18-21-19-04.gh-issue-121999.8IBbTK.rst
Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
picnixz commented Jul 22, 2024
I'm a bit confused but... are there two people working on this PR simultaneously @WilliamRoyNelson and @sodle?
picnixz left a comment
Some minor comments.
| .. versionchanged:: 3.14 | ||
| Set the default extraction filter to :func:`data <data_filter>`, | ||
| which disallows dangerous features such as links to absolute paths | ||
| or paths outside of the destination. Previously, the filter strategy |
Sorry about this one but the "outside of" now feels weird to me :')
@AA-Turner As a native speaker (you're the only one I know...), should it be "outside the destination", or "outside of"? (or something else entirely?)
I think "outside of" is conventional in North America, less conventional in the UK.
https://learningenglish.voanews.com/a/should-we-think-outside-or-outside-of-the-box-/6434530.html
I think I was reading from PEP 706 when I wrote that update.
Refuse to extract links (hard or soft) which end up linking to a path outside of the destination. (On systems that don’t support links, tarfile will, in most cases, fall back to creating regular files. This proposal doesn’t change that behaviour.)
encukou commented Jul 22, 2024
I'll review later this week.
sodle commented Jul 22, 2024
Yeah. Bill is a friend of mine and enlisted my help with writing the tests.
encukou commented Jul 25, 2024 • edited
For the documentation, communicating via GitHub review comments wouldn't be effective, so I took the liberty of pushing a commit to this PR directly. I hope you don't mind. The main themes are:
For shutil: zipfile also has some safeties, though they haven't been reviewed in a while. IMO we can claim for both formats that the defaults “prevent the most dangerous of such security issues”. Does this look good to you?
encukou commented Jul 26, 2024
Thank you for the update!
📚 Documentation preview 📚: https://cpython-previews--122002.org.readthedocs.build/