Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://mail.python.org/pipermail/python-dev/2009-February/086460.html below:

[Python-Dev] Challenge: Please break this! [Now with blog post]

• Previous message: [Python-Dev] Challenge: Please break this! [Now with blog post]
• Next message: [Python-Dev] Challenge: Please break this! [Now with blog post]
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Feb 24, 2009 at 12:27 AM, tav <tav at espians.com> wrote:
> Daniel emailed in the exploit below and it is pretty devastating. It
> takes advantage of the fact that the warnings framework in 2.6+
> dynamically imports modules without being explicitly called!!
>
> I've fixed this hole in safelite.py, but would be interested to know
> if there are other non-user-initiated dynamically imported modules?
>
> Thanks Daniel for bringing this to our attention!

Grep the source for PyImport.

-- 
--Guido van Rossum (home page: http://www.python.org/~guido/)

• Previous message: [Python-Dev] Challenge: Please break this! [Now with blog post]
• Next message: [Python-Dev] Challenge: Please break this! [Now with blog post]
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4