> Unclear if there's any damage, since FileWrapper is only used to wrap
> stdin, stdout and stderr.

Yes, they probably could be even left unchanged in the restricted code.

> But this amplifies the warning about rexec's viability.
>
> Maybe you can use the time you were going to spend on reinventing
> rexec for a security audit instead...

Good idea. Here's a first major problem:

class S(str):
    def __eq__(self, obj):
        return 1
open("/tmp/foo", S("w")).write("Ouch!")

I'll keep looking..

-- 
Gustavo Niemeyer

[ 2AAC 7928 0FBF 0299 5EB5 60E2 2253 B29A 6664 3A0C ]
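Added example, not part of the original message and not rexec's own code: assuming the guard on the file mode is a membership test against the allowed read-only strings, this Python 3 sketch shows why the S("w") object passes it and how an exact-type check closes the gap. The names naive_is_read_only, strict_is_read_only and restricted_open are hypothetical, and all file writes stay inside a temporary directory.

```python
import os
import tempfile

READ_ONLY_MODES = ("r", "rb")


class S(str):
    """The str subclass from the message: compares equal to anything."""
    def __eq__(self, obj):
        return 1


def naive_is_read_only(mode):
    # 'in' compares with ==, and Python gives the subclass's __eq__
    # priority, so the untrusted caller decides the outcome of the check.
    return mode in READ_ONLY_MODES


def strict_is_read_only(mode):
    # Accept only an exact built-in str, so the comparison is str.__eq__.
    return type(mode) is str and mode in READ_ONLY_MODES


def restricted_open(path, mode="r", check=strict_is_read_only):
    # Hypothetical stand-in for a restricted-mode open() wrapper.
    if not check(mode):
        raise IOError("can't open files for writing in restricted mode")
    return open(path, mode)


def demo():
    """Run the message's S("w") against both checks; return file contents."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        for name, check in (("naive", naive_is_read_only),
                            ("strict", strict_is_read_only)):
            path = os.path.join(tmp, name)
            with open(path, "w") as f:
                f.write("original")  # constructed sample content
            try:
                with restricted_open(path, S("w"), check) as f:
                    f.write("Ouch!")
            except IOError:
                pass  # the check refused the mode; file is untouched
            with open(path) as f:
                results[name] = f.read()
    return results


if __name__ == "__main__":
    print(demo())
```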