From 0b785036ef5482e55360b73df2176d672c97edaf Mon Sep 17 00:00:00 2001 From: Petri Lehtinen Date: Sat, 23 Feb 2013 19:24:08 +0100 Subject: [PATCH] Issue #8890: Stop advertising an insecure use of /tmp in docs --- Doc/install/index.rst | 2 +- Doc/library/atexit.rst | 4 ++-- Doc/library/bsddb.rst | 2 +- Doc/library/cgi.rst | 2 +- Doc/library/compiler.rst | 4 ++-- Doc/library/gzip.rst | 8 ++++---- Doc/library/imghdr.rst | 2 +- Doc/library/mailcap.rst | 4 ++-- Doc/library/nntplib.rst | 2 +- Doc/library/optparse.rst | 4 ++-- Doc/library/pipes.rst | 6 +++--- Doc/library/posixfile.rst | 2 +- Doc/library/trace.rst | 4 ++-- Doc/library/zipimport.rst | 10 +++++----- Doc/tutorial/inputoutput.rst | 8 ++++---- Misc/ACKS | 1 + Misc/NEWS | 4 ++++ 17 files changed, 37 insertions(+), 32 deletions(-) diff --git a/Doc/install/index.rst b/Doc/install/index.rst index b1881b5469..d3e8babe52 100644 --- a/Doc/install/index.rst +++ b/Doc/install/index.rst @@ -189,7 +189,7 @@ under the distribution root; if you're excessively concerned with speed, or want to keep the source tree pristine, you can change the build directory with the :option:`--build-base` option. For example:: - python setup.py build --build-base=/tmp/pybuild/foo-1.0 + python setup.py build --build-base=/path/to/pybuild/foo-1.0 (Or you could do this permanently with a directive in your system or personal Distutils configuration file; see section :ref:`inst-config-files`.) Normally, this diff --git a/Doc/library/atexit.rst b/Doc/library/atexit.rst index 6ac36b2142..37d8d500ef 100644 --- a/Doc/library/atexit.rst +++ b/Doc/library/atexit.rst @@ -76,7 +76,7 @@ automatically when the program terminates without relying on the application making an explicit call into this module at termination. :: try: - _count = int(open("/tmp/counter").read()) + _count = int(open("counter").read()) except IOError: _count = 0 @@ -85,7 +85,7 @@ making an explicit call into this module at termination. :: _count = _count + n def savecounter(): - open("/tmp/counter", "w").write("%d" % _count) + open("counter", "w").write("%d" % _count) import atexit atexit.register(savecounter) diff --git a/Doc/library/bsddb.rst b/Doc/library/bsddb.rst index 0ed109d028..74bcc0f434 100644 --- a/Doc/library/bsddb.rst +++ b/Doc/library/bsddb.rst @@ -170,7 +170,7 @@ dictionaries. In addition, they support the methods listed below. Example:: >>> import bsddb - >>> db = bsddb.btopen('/tmp/spam.db', 'c') + >>> db = bsddb.btopen('spam.db', 'c') >>> for i in range(10): db['%d'%i] = '%d'% (i*i) ... >>> db['3'] diff --git a/Doc/library/cgi.rst b/Doc/library/cgi.rst index 0240998a14..1b342c33d3 100644 --- a/Doc/library/cgi.rst +++ b/Doc/library/cgi.rst @@ -81,7 +81,7 @@ program to users of your script, you can have the reports saved to files instead, with code like this:: import cgitb - cgitb.enable(display=0, logdir="/tmp") + cgitb.enable(display=0, logdir="/path/to/logdir") It's very helpful to use this feature during script development. The reports produced by :mod:`cgitb` provide information that can save you a lot of time in diff --git a/Doc/library/compiler.rst b/Doc/library/compiler.rst index 229bcb2291..494902e17f 100644 --- a/Doc/library/compiler.rst +++ b/Doc/library/compiler.rst @@ -540,7 +540,7 @@ examples demonstrate how to use the :func:`parse` function, what the repr of an AST looks like, and how to access attributes of an AST node. The first module defines a single function. Assume it is stored in -:file:`/tmp/doublelib.py`. :: +:file:`doublelib.py`. :: """This is an example module. @@ -557,7 +557,7 @@ to create an instance from a repr, you must import the class names from the :mod:`compiler.ast` module. :: >>> import compiler - >>> mod = compiler.parseFile("/tmp/doublelib.py") + >>> mod = compiler.parseFile("doublelib.py") >>> mod Module('This is an example module.\n\nThis is the docstring.\n', Stmt([Function(None, 'double', ['x'], [], 0, diff --git a/Doc/library/gzip.rst b/Doc/library/gzip.rst index 465510f6b6..ce11eec1cc 100644 --- a/Doc/library/gzip.rst +++ b/Doc/library/gzip.rst @@ -93,7 +93,7 @@ Examples of usage Example of how to read a compressed file:: import gzip - f = gzip.open('/home/joe/file.txt.gz', 'rb') + f = gzip.open('file.txt.gz', 'rb') file_content = f.read() f.close() @@ -101,15 +101,15 @@ Example of how to create a compressed GZIP file:: import gzip content = "Lots of content here" - f = gzip.open('/home/joe/file.txt.gz', 'wb') + f = gzip.open('file.txt.gz', 'wb') f.write(content) f.close() Example of how to GZIP compress an existing file:: import gzip - f_in = open('/home/joe/file.txt', 'rb') - f_out = gzip.open('/home/joe/file.txt.gz', 'wb') + f_in = open('file.txt', 'rb') + f_out = gzip.open('file.txt.gz', 'wb') f_out.writelines(f_in) f_out.close() f_in.close() diff --git a/Doc/library/imghdr.rst b/Doc/library/imghdr.rst index 20f789f6a5..24ab5716fa 100644 --- a/Doc/library/imghdr.rst +++ b/Doc/library/imghdr.rst @@ -68,6 +68,6 @@ to this variable: Example:: >>> import imghdr - >>> imghdr.what('/tmp/bass.gif') + >>> imghdr.what('bass.gif') 'gif' diff --git a/Doc/library/mailcap.rst b/Doc/library/mailcap.rst index 5507211751..b359509465 100644 --- a/Doc/library/mailcap.rst +++ b/Doc/library/mailcap.rst @@ -71,6 +71,6 @@ An example usage:: >>> import mailcap >>> d=mailcap.getcaps() - >>> mailcap.findmatch(d, 'video/mpeg', filename='/tmp/tmp1223') - ('xmpeg /tmp/tmp1223', {'view': 'xmpeg %s'}) + >>> mailcap.findmatch(d, 'video/mpeg', filename='tmp1223') + ('xmpeg tmp1223', {'view': 'xmpeg %s'}) diff --git a/Doc/library/nntplib.rst b/Doc/library/nntplib.rst index acbb7a5d90..f87c2eb6a7 100644 --- a/Doc/library/nntplib.rst +++ b/Doc/library/nntplib.rst @@ -46,7 +46,7 @@ To post an article from a file (this assumes that the article has valid headers, and that you have right to post on the particular newsgroup):: >>> s = NNTP('news.gmane.org') - >>> f = open('/tmp/article') + >>> f = open('articlefile') >>> s.post(f) '240 Article posted successfully.' >>> s.quit() diff --git a/Doc/library/optparse.rst b/Doc/library/optparse.rst index d5a35c269f..417b3bb84d 100644 --- a/Doc/library/optparse.rst +++ b/Doc/library/optparse.rst @@ -173,10 +173,10 @@ required option For example, consider this hypothetical command-line:: - prog -v --report /tmp/report.txt foo bar + prog -v --report report.txt foo bar ``-v`` and ``--report`` are both options. Assuming that ``--report`` -takes one argument, ``/tmp/report.txt`` is an option argument. ``foo`` and +takes one argument, ``report.txt`` is an option argument. ``foo`` and ``bar`` are positional arguments. diff --git a/Doc/library/pipes.rst b/Doc/library/pipes.rst index c44c62e87a..6d7dff8c37 100644 --- a/Doc/library/pipes.rst +++ b/Doc/library/pipes.rst @@ -24,12 +24,12 @@ shell for :func:`os.system` and :func:`os.popen` is required. Example:: >>> import pipes - >>> t=pipes.Template() + >>> t = pipes.Template() >>> t.append('tr a-z A-Z', '--') - >>> f=t.open('/tmp/1', 'w') + >>> f = t.open('pipefile', 'w') >>> f.write('hello world') >>> f.close() - >>> open('/tmp/1').read() + >>> open('pipefile').read() 'HELLO WORLD' diff --git a/Doc/library/posixfile.rst b/Doc/library/posixfile.rst index c27e4126a2..97ef800fb0 100644 --- a/Doc/library/posixfile.rst +++ b/Doc/library/posixfile.rst @@ -181,7 +181,7 @@ Examples:: import posixfile - file = posixfile.open('/tmp/test', 'w') + file = posixfile.open('testfile', 'w') file.lock('w|') ... file.lock('u') diff --git a/Doc/library/trace.rst b/Doc/library/trace.rst index 9cd4996be5..29cb3e1493 100644 --- a/Doc/library/trace.rst +++ b/Doc/library/trace.rst @@ -200,7 +200,7 @@ A simple example demonstrating the use of the programmatic interface:: # run the new command using the given tracer tracer.run('main()') - # make a report, placing output in /tmp + # make a report, placing output in the current directory r = tracer.results() - r.write_results(show_missing=True, coverdir="/tmp") + r.write_results(show_missing=True, coverdir=".") diff --git a/Doc/library/zipimport.rst b/Doc/library/zipimport.rst index af18d159e4..450f93a97c 100644 --- a/Doc/library/zipimport.rst +++ b/Doc/library/zipimport.rst @@ -19,7 +19,7 @@ Typically, :data:`sys.path` is a list of directory names as strings. This modul also allows an item of :data:`sys.path` to be a string naming a ZIP file archive. The ZIP archive can contain a subdirectory structure to support package imports, and a path within the archive can be specified to only import from a -subdirectory. For example, the path :file:`/tmp/example.zip/lib/` would only +subdirectory. For example, the path :file:`example.zip/lib/` would only import from the :file:`lib/` subdirectory within the archive. Any files may be present in the ZIP archive, but only files :file:`.py` and @@ -151,8 +151,8 @@ Examples Here is an example that imports a module from a ZIP archive - note that the :mod:`zipimport` module is not explicitly used. :: - $ unzip -l /tmp/example.zip - Archive: /tmp/example.zip + $ unzip -l example.zip + Archive: example.zip Length Date Time Name -------- ---- ---- ---- 8467 11-26-02 22:30 jwzthreading.py @@ -161,8 +161,8 @@ Here is an example that imports a module from a ZIP archive - note that the $ ./python Python 2.3 (#1, Aug 1 2003, 19:54:32) >>> import sys - >>> sys.path.insert(0, '/tmp/example.zip') # Add .zip file to front of path + >>> sys.path.insert(0, 'example.zip') # Add .zip file to front of path >>> import jwzthreading >>> jwzthreading.__file__ - '/tmp/example.zip/jwzthreading.py' + 'example.zip/jwzthreading.py' diff --git a/Doc/tutorial/inputoutput.rst b/Doc/tutorial/inputoutput.rst index 8da972bb8a..2f08110fee 100644 --- a/Doc/tutorial/inputoutput.rst +++ b/Doc/tutorial/inputoutput.rst @@ -236,9 +236,9 @@ arguments: ``open(filename, mode)``. :: - >>> f = open('/tmp/workfile', 'w') + >>> f = open('workfile', 'w') >>> print f - + The first argument is a string containing the filename. The second argument is another string containing a few characters describing the way in which the file @@ -339,7 +339,7 @@ of the file, 1 uses the current file position, and 2 uses the end of the file as the reference point. *from_what* can be omitted and defaults to 0, using the beginning of the file as the reference point. :: - >>> f = open('/tmp/workfile', 'r+') + >>> f = open('workfile', 'r+') >>> f.write('0123456789abcdef') >>> f.seek(5) # Go to the 6th byte in the file >>> f.read(1) @@ -363,7 +363,7 @@ objects. This has the advantage that the file is properly closed after its suite finishes, even if an exception is raised on the way. It is also much shorter than writing equivalent :keyword:`try`\ -\ :keyword:`finally` blocks:: - >>> with open('/tmp/workfile', 'r') as f: + >>> with open('workfile', 'r') as f: ... read_data = f.read() >>> f.closed True diff --git a/Misc/ACKS b/Misc/ACKS index c488644113..1c453f0c74 100644 --- a/Misc/ACKS +++ b/Misc/ACKS @@ -1081,6 +1081,7 @@ Sue Williams Gerald S. Williams Steven Willis Frank Willison +Geoff Wilson Greg V. Wilson J Derek Wilson Paul Winkler diff --git a/Misc/NEWS b/Misc/NEWS index 7a51f8ac81..926593ae09 100644 --- a/Misc/NEWS +++ b/Misc/NEWS @@ -926,6 +926,10 @@ Tools/Demos Documentation ------------- +- Issue #8890: Stop advertising an insecure practice by replacing uses + of the /tmp directory with better alternatives in the documentation. + Patch by Geoff Wilson. + - Issue #17203: add long option names to unittest discovery docs. - Issue #13094: add "Why do lambdas defined in a loop with different values -- 2.50.0