Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://mail.python.org/pipermail/python-dev/2002-February/020321.html below:

[Python-Dev] PEP 215 redux: toward a simplified consensus?

• Previous message: [Python-Dev] PEP 215 redux: toward a simplified consensus?
• Next message: [Python-Dev] PEP 215 redux: toward a simplified consensus?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

barry@zope.com (Barry A. Warsaw) writes:

>     JE> i.e., the translator (or other person who can influence the
>     JE> format string) can access other information in the dict you
>     JE> pass in, even if you didn't intend it.
> 
> That's a very interesting vulnerability you bring up!

That's not a vulnerability. It assumes that the translator is an
attacker, or that the attacker can change the catalogs. If he is or
can, you could not trust them, anyway, as they could cause arbitrary
other failures, as well.

Regards,
Martin

• Previous message: [Python-Dev] PEP 215 redux: toward a simplified consensus?
• Next message: [Python-Dev] PEP 215 redux: toward a simplified consensus?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4