FudanSELab / ClassEval

Benchmark ClassEval for class-level code generation.
MIT License

Safety problem in Code #17

Open 455849940 opened 1 week ago

455849940 commented 1 week ago

While using the tear_down function in your code, I noticed some potential security risks, especially when the code is executed via a Bash script in an external directory. The function uses os.listdir() to list the files in the current working directory and deletes files or folders that are not in the reserved_files list. However, if the script is executed in an unintended directory (such as the root directory or a system directory), it could mistakenly delete important files or directories, which could lead to severe system issues or data loss.

Specifically, the current code does not verify whether the current working directory is the expected project directory. As a result, if the script is executed in an incorrect path, it may unnecessarily clean up files in that directory. To avoid potential risks, I recommend adding an explicit check of the path before performing deletion operations, ensuring that the actions are only executed in the target directory. Additionally, it may be helpful to include logging to facilitate debugging and prevent the accidental deletion of irreplaceable files.
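A sketch of the path check and logging recommended above, added here as an illustration; it is not part of the original issue and not the project's own fix. The function name `safe_tear_down`, the `.classeval_workdir` marker file and the `cwd` parameter are assumptions made for the example.

```python
import logging
import os
import shutil
from pathlib import Path

log = logging.getLogger("tear_down")

MARKER = ".classeval_workdir"  # hypothetical sentinel file created at set-up time


class UnsafeDirectoryError(RuntimeError):
    """Raised when cleanup is requested outside the expected directory."""


def safe_tear_down(expected_dir, reserved_files, cwd=None):
    """Delete everything in expected_dir except reserved_files, but only if
    the process is really running there. Returns the sorted names removed."""
    target = Path(expected_dir).resolve()
    current = Path(cwd if cwd is not None else os.getcwd()).resolve()

    # Guard 1: the working directory must be the directory we meant to clean.
    if current != target:
        raise UnsafeDirectoryError(f"cwd {current} is not {target}")
    # Guard 2: never clean a filesystem root or the user's home directory.
    home = Path(os.path.expanduser("~")).resolve()
    if target in (Path(target.anchor), home):
        raise UnsafeDirectoryError(f"refusing to clean {target}")
    # Guard 3: the directory must carry the sentinel marker file.
    if not (target / MARKER).is_file():
        raise UnsafeDirectoryError(f"{target} has no {MARKER} marker")

    keep = set(reserved_files) | {MARKER}
    removed = []
    for name in sorted(os.listdir(target)):
        if name in keep:
            continue
        path = target / name
        # Symlinks are unlinked, never followed, so data they point to
        # outside the work directory is left alone.
        if path.is_dir() and not path.is_symlink():
            shutil.rmtree(path)
        else:
            path.unlink()
        log.info("tear_down removed %s", path)
        removed.append(name)
    return removed
```

All three guards run before the first deletion, so a call from the wrong directory raises `UnsafeDirectoryError` and removes nothing.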

wkx228 commented 1 week ago

Yeah, it's a problem. I have updated the script. Thanks!