merge 3.1

author: Benjamin Peterson <benjamin@python.org> 2011-05-20 11:41:59 -0500
committer: Benjamin Peterson <benjamin@python.org> 2011-05-20 11:41:59 -0500
commit: c7dd737ef712b9b847dae35422ce3c64efc3d580 (patch)
tree: fe2ae42b22c1767ca442377cd55b3972cddba776 /Doc/library
parent: da5b852c7ccc6486df1e7d36862441448cad37f7 (diff)
parent: 249b508c98d99597c170bdb9d6a4b1d56d839ebd (diff)
download: cpython-git-c7dd737ef712b9b847dae35422ce3c64efc3d580.tar.gz
1 files changed, 20 insertions, 1 deletions
diff --git a/Doc/library/os.rst b/Doc/library/os.rst
index fe785fc47c..4a0c7dc75d 100644
--- a/Doc/library/os.rst
+++ b/Doc/library/os.rst
@@ -895,7 +895,26 @@ Files and Directories
       Using :func:`access` to check if a user is authorized to e.g. open a file
       before actually doing so using :func:`open` creates a security hole,
       because the user might exploit the short time interval between checking
-      and opening the file to manipulate it.
+      and opening the file to manipulate it. It's preferable to use :term:`EAFP`
+      techniques. For example::
+
+         if os.access("myfile", os.R_OK):
+             with open("myfile") as fp:
+                 return fp.read()
+         return "some default data"
+
+      is better written as::
+
+         try:
+             fp = open("myfile")
+         except OSError as e:
+             if e.errno == errno.EACCESS:
+                 return "some default data"
+             # Not a permission error.
+             raise
+         else:
+             with fp:
+                 return fp.read()
 
    .. note::
author	Benjamin Peterson <benjamin@python.org>	2011-05-20 11:41:59 -0500
committer	Benjamin Peterson <benjamin@python.org>	2011-05-20 11:41:59 -0500
commit	c7dd737ef712b9b847dae35422ce3c64efc3d580 (patch)
tree	fe2ae42b22c1767ca442377cd55b3972cddba776 /Doc/library
parent	da5b852c7ccc6486df1e7d36862441448cad37f7 (diff)
parent	249b508c98d99597c170bdb9d6a4b1d56d839ebd (diff)
download	cpython-git-c7dd737ef712b9b847dae35422ce3c64efc3d580.tar.gz