> I was thinking an attack where knowledge of common temporary > execution locations is used to trick Python into executing > untrusted code -- the untrusted code would only have to be > copied to the known temporary execution directory and then > gets executed by Python next time the program using the temporary > location is invoked. When does Python execute code from a predictable common temporary location? When is that likely to be used from a Python script running as root? Note that if you use tempfile.TemporaryFile(), you can create a temporary file that's not subvertible. --Guido van Rossum (home page: http://www.python.org/~guido/)
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4