From 1cc9cc7fb499b2262ec40e2a6639d76512500292 Mon Sep 17 00:00:00 2001 From: Adrien Ferrand Date: Sat, 25 May 2019 13:51:24 +0200 Subject: [PATCH] Simplify and make more clear comment on os.open. --- certbot/compat/os.py | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/certbot/compat/os.py b/certbot/compat/os.py index f652b55c1..910c28af1 100644 --- a/certbot/compat/os.py +++ b/certbot/compat/os.py @@ -31,13 +31,11 @@ std_sys.modules[__name__ + '.path'] = path del ourselves, std_os, std_sys -# The os.open function on Windows will have the same effect than a bare os.chown towards the given -# mode, and will create a file with the same flaws that what have been described for os.chown. -# So upon file creation, security.take_ownership will be called to ensure current user is the owner -# of the file, and security.chmod will do the same thing than for the modified os.chown. -# Internally, take_ownership will update the existing metadata of the file, to set the current -# username (determined by the win32api module) as the owner of the file. +# The os.open function on Windows has the same effect than a call to os.chown concerning the file +# modes: these modes lack of a correct control over the permissions given to the file. Instead, +# filesystem.open invokes filesystem.take_ownership and filesystem.chown to ensure that both owner +# and permissions are correctly set. def open(*unused_args, **unused_kwargs): # pylint: disable=function-redefined """Method os.open() is forbidden""" - raise RuntimeError('Usage of os.open() is forbidden. ' # pragma: no cover + raise RuntimeError('Usage of os.open() is forbidden. ' 'Use certbot.compat.filesystem.open() instead.')