[Python-checkins] r75150 - in python/branches/release26-maint: Doc/library/zipfile.rst

gregory.p.smith python-checkins at python.org
Tue Sep 29 23:58:49 CEST 2009 

Author: gregory.p.smith
Date: Tue Sep 29 23:58:48 2009
New Revision: 75150
Log:
Merged revisions 75149 via svnmerge from 
svn+ssh://pythondev@svn.python.org/python/trunk
........
 r75149 | gregory.p.smith | 2009年09月29日 14:56:31 -0700 (2009年9月29日) | 3 lines
 
 Mention issue6972 in extractall docs about overwriting things outside of
 the supplied path.
........
Modified:
 python/branches/release26-maint/ (props changed)
 python/branches/release26-maint/Doc/library/zipfile.rst
Modified: python/branches/release26-maint/Doc/library/zipfile.rst
==============================================================================
--- python/branches/release26-maint/Doc/library/zipfile.rst	(original)
+++ python/branches/release26-maint/Doc/library/zipfile.rst	Tue Sep 29 23:58:48 2009
@@ -205,6 +205,13 @@
 be a subset of the list returned by :meth:`namelist`. *pwd* is the password
 used for encrypted files.
 
+ .. warning::
+
+ Never extract archives from untrusted sources without prior inspection.
+ It is possible that files are created outside of *path*, e.g. members
+ that have absolute filenames starting with ``"/"`` or filenames with two
+ dots ``".."``.
+
 .. versionadded:: 2.6

More information about the Python-checkins mailing list

AltStyle によって変換されたページ (->オリジナル) /