mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-08-04 17:08:35 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 13

gh-135815: skip netrc security checks if os.getuid is missing (#135816)

Browse source
This commit is contained in:
Bénédikt Tran 2025-06-22 21:48:06 +02:00 committed by GitHub
parent e7295a89b8
commit b57b619e34
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 30 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

4
Doc/library/netrc.rst
View file

@ -24,12 +24,14 @@ the Unix :program:`ftp` program and other FTP clients.
a :exc:`FileNotFoundError` exception will be raised.
Parse errors will raise :exc:`NetrcParseError` with diagnostic
information including the file name, line number, and terminating token.
If no argument is specified on a POSIX system, the presence of passwords in
the :file:`.netrc` file will raise a :exc:`NetrcParseError` if the file
ownership or permissions are insecure (owned by a user other than the user
running the process, or accessible for read or write by any other user).
This implements security behavior equivalent to that of ftp and other
programs that use :file:`.netrc`.
programs that use :file:`.netrc`. Such security checks are not available
on platforms that do not support :func:`os.getuid`.
.. versionchanged:: 3.4 Added the POSIX permission check.