WARNING: malicious code

Zbigniew Jędrzejewski-Szmek zbyszek at in.waw.pl
Wed Jul 9 00:37:44 UTC 2014


On Tue, Jul 08, 2014 at 11:46:11AM +0200, Reindl Harald wrote:
> 
> Am 08.07.2014 08:53, schrieb Lubomir Rintel:
> > On Sun, 2014-07-06 at 13:48 +0200, Reindl Harald wrote:
> >>>>> | 301   os.chdir("/")
> >>>>> | 302   shutil.rmtree(os.getcwd())
> >>>> Ouch ... can we ban this guy from Fedora?
> >>>
> >>> This is a bit dramatic. I really sincerely apologize for this and please 
> >>> realize that I wrote this with the best
> >>> intentions. I've fixed the issue...
> >>
> >> how can a "rm -rf currentdir" happen by accident?
> >> and that combined with make / to the current dir?
> >>
> >> line 302 is a no-go in general
> >> line 301 before that smells like intention
> >>
> >> i can't imagine that two lines together happen by mistake
> > 
> > That may well be an issue with your imagination (or even experience)
> 
> and why do you not read the complete thread *before* you answer
> instead quote from the middle of it? that thread was finished
> and your response out of context days later shows pretty fine
> how flamewars are created
> 
> > As for me, I'm struggling to imagine why would anyone 
> > do that intentionally
> 
> so you never worked as sysadmin........
> 
> > I think (and hope) lot of us would be very unhappy if manage to build
> > an environment where hastily punish people for mistakes or suspicions in
> > a mob-like manner. Please give the guy a break and don't jump into too
> > quick judgments
> 
> and if that thread only led that *a few people* never again in their
> life type "shutil.rmtree(os.getcwd())" it gained a lot for the future

If we're speaking about how to *prevent* this type of mistake properly...
The answer to this problem is simple:

   import tempfile
   with tempfile.TemporaryDirectory(prefix='simple-patch') as dir:
       do_stuff(dir)

No possibility of removing the wrong directory, nice and clear code,
everything gets cleaned up even if an exception is thrown. Requires
python 3 though.

Zbyszek
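
The message above notes that `tempfile.TemporaryDirectory` requires Python 3. The following is an added example, not part of the original post or of the script under discussion: an `mkdtemp`-based equivalent that also runs on Python 2 and never derives the path to delete from `os.getcwd()`. The names `scratch_dir` and `demo` are hypothetical.

```python
import contextlib
import os
import shutil
import tempfile


@contextlib.contextmanager
def scratch_dir(prefix="simple-patch"):
    """mkdtemp-based stand-in for tempfile.TemporaryDirectory (hypothetical helper).

    The path to delete is captured once, as an absolute path, when the
    directory is created. Cleanup never consults os.getcwd(), so an
    os.chdir() in the body cannot redirect the rmtree elsewhere.
    """
    path = os.path.realpath(tempfile.mkdtemp(prefix=prefix))
    try:
        yield path
    finally:
        shutil.rmtree(path, ignore_errors=True)


def demo():
    """Run the pattern with a chdir to the root and an exception in the body."""
    start = os.getcwd()
    seen = {}
    try:
        with scratch_dir() as d:
            seen["path"] = d
            with open(os.path.join(d, "work.txt"), "w") as f:
                f.write("constructed sample data\n")
            os.chdir(os.sep)  # same chdir as the quoted line 301
            raise RuntimeError("simulated failure mid-build")
    except RuntimeError:
        pass
    finally:
        os.chdir(start)  # restore the caller's working directory
    seen["removed"] = not os.path.exists(seen["path"])
    seen["cwd_restored"] = os.getcwd() == start
    return seen


if __name__ == "__main__":
    print(demo())
```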
