Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

gh-121999: Change default tarfile filter to 'data'#122002

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Merged

Conversation

@WilliamRoyNelson
Copy link
Contributor

@WilliamRoyNelsonWilliamRoyNelson commentedJul 19, 2024
edited by picnixz
Loading

@ghost
Copy link

ghost commentedJul 19, 2024
edited by ghost
Loading

All commit authors signed the Contributor License Agreement.
CLA signed

@bedevere-app
Copy link

Most changes to Pythonrequire a NEWS entry. Add one using theblurb_it web app or theblurb command-line tool.

If this change has little impact on Python users, wait for a maintainer to apply theskip news label instead.

WilliamRoyNelson reacted with thumbs up emoji

@ZeroIntensity
Copy link
Member

CC@encukou, as this is PEP 706.

@sodlesodleforce-pushed thegh-121999-tarfile-filter branch fromd3c2acc to15216b9CompareJuly 20, 2024 09:36
@picnixz
Copy link
Member

I'm a bit confused but... arae there two people working on this PR simultaneously@WilliamRoyNelson and@sodle?

Copy link
Member

@picnixzpicnixz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

Some minor comments.

..versionchanged::3.14
Set the default extraction filter to:func:`data <data_filter>`,
which disallows dangerous features such as links to absolute paths
or paths outside of the destination. Previously, the filter strategy
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

Sorry about this one but theoutside of now feels weird to me :')

@AA-Turner As a native speaker (you're the only one I know...), should it be "outside the destination", or "outside of"? (or something else entirely?)

Copy link
ContributorAuthor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

I think "outside of" is conventional in North America, less conventional in the UK.
https://learningenglish.voanews.com/a/should-we-think-outside-or-outside-of-the-box-/6434530.html

I think I was reading from PEP 706 when I wrote that update.

Refuse to extract links (hard or soft) which end up linking to a path outside of the destination. (On systems that don’t support links, tarfile will, in most cases, fall back to creating regular files. This proposal doesn’t change that behaviour.)

AA-Turner reacted with thumbs up emoji
@encukou
Copy link
Member

I'll review later this week.

@sodlesodleforce-pushed thegh-121999-tarfile-filter branch fromc3638d4 to619dc28CompareJuly 22, 2024 14:46
@sodle
Copy link
Contributor

I'm a bit confused but... arae there two people working on this PR simultaneously@WilliamRoyNelson and@sodle?

Yeah. Bill is a friend of mine and enlisted my help with writing the tests.

picnixz reacted with thumbs up emoji

@encukou
Copy link
Member

encukou commentedJul 25, 2024
edited
Loading

For the documentation, communicating via GitHub review comments wouldn't be effective, so I took the liberty of pushing a commit to this PR directly. I hope you don't mind.

The main themes are:

  • Passingfilter='data' is still recommended, if there's any chance the code will run on Python 3.13 or below. When 3.14 is released, that's nearly all the code :)
  • All the security notes should lead to:ref:tarfile-extraction-filter(to explain things) and/or:ref:tarfile-further-verification (to explain that'data' still isn't unconditionally “safe”). Hopefully we can do that without annoying people who read those already :)

For shutil: zipfile also has some safeties, though they haven't been reviewed in a while. IMO we can claim for both formats that the defaults “prevent the most dangerous of such security issues”.

Does this look good to you?

sodle and WilliamRoyNelson reacted with thumbs up emoji

@encukouencukou merged commitdcafb36 intopython:mainJul 26, 2024
@encukou
Copy link
Member

Thank you for the update!

WilliamRoyNelson reacted with hooray emoji

Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment

Reviewers

@tomasr8tomasr8tomasr8 left review comments

@picnixzpicnixzpicnixz left review comments

@ethanfurmanethanfurmanAwaiting requested review from ethanfurmanethanfurman is a code owner

+1 more reviewer

@sodlesodlesodle left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@WilliamRoyNelson@ZeroIntensity@picnixz@encukou@sodle@tomasr8
[8]ページ先頭
©2009-2025 Movatter.jp