File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change @@ -772,7 +772,26 @@ Files and Directories
772772 Using :func: `access ` to check if a user is authorized to e.g. open a file
773773 before actually doing so using :func: `open ` creates a security hole,
774774 because the user might exploit the short time interval between checking
775- and opening the file to manipulate it.
775+ and opening the file to manipulate it. It's preferable to use :term: `EAFP `
776+ techniques. For example::
777+
778+ if os.access("myfile", os.R_OK):
779+ with open("myfile") as fp:
780+ return fp.read()
781+ return "some default data"
782+
783+ is better written as::
784+
785+ try:
786+ fp = open("myfile")
787+ except OSError as e:
788+ if e.errno == errno.EACCESS:
789+ return "some default data"
790+ # Not a permission error.
791+ raise
792+ else:
793+ with fp:
794+ return fp.read()
776795
777796 .. note ::
778797
You can’t perform that action at this time.
0 commit comments