Skip to content

Commit 1e3001d

Browse files
WilliamRoyNelsonWilliamRoyNelson
committed
Remove unnecessarily wordy phrasing in warning about tarfiles.
1 parent 136bc7e commit 1e3001d

File tree

2 files changed

+13
-15
lines changed

2 files changed

+13
-15
lines changed

Doc/library/shutil.rst

Lines changed: 8 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -714,13 +714,14 @@ provided. They rely on the :mod:`zipfile` and :mod:`tarfile` modules.
714714

715715
.. warning::
716716

717-
Never extract archives from untrusted sources without prior inspection,
718-
even when using the ``'data'`` filter, but especially if using the
719-
``'tar'`` or ``'fully_trusted'`` filters.
720-
721-
It is possible that files are created outside of the path specified in
722-
the *extract_dir* argument, e.g. members that have absolute filenames
723-
starting with "/" or filenames with two dots "..".
717+
Never extract archives from untrusted sources without prior inspection.
718+
It is possible that files are created outside of *path*, e.g. members
719+
that have absolute filenames starting with ``"/"`` or filenames with two
720+
dots ``".."``.
721+
722+
The default filter is set to ``filter='data'`` to prevent the most
723+
dangerous security issues. Read the :ref:`tarfile-extraction-filter`
724+
section for details.
724725

725726
.. versionchanged:: 3.7
726727
Accepts a :term:`path-like object` for *filename* and *extract_dir*.

Doc/library/tarfile.rst

Lines changed: 5 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -503,18 +503,15 @@ be finalized; only the internally used file object will be closed. See the
503503

504504
.. warning::
505505

506-
The default filter is set to ``filter='data'`` to prevent the most
507-
dangerous security issues. Read the :ref:`tarfile-extraction-filter`
508-
section for details.
509-
510-
Never extract archives from untrusted sources without prior inspection,
511-
even when using the ``'data'`` filter, but especially if using the
512-
``'tar'`` or ``'fully_trusted'`` filters.
513-
506+
Never extract archives from untrusted sources without prior inspection.
514507
It is possible that files are created outside of *path*, e.g. members
515508
that have absolute filenames starting with ``"/"`` or filenames with two
516509
dots ``".."``.
517510

511+
The default filter is set to ``filter='data'`` to prevent the most
512+
dangerous security issues. Read the :ref:`tarfile-extraction-filter`
513+
section for details.
514+
518515
.. versionchanged:: 3.5
519516
Added the *numeric_owner* parameter.
520517

0 commit comments

Comments
 (0)