Message 137741 - Python tracker

Message137741

Author	Niels.Heinen
Recipients	Niels.Heinen, eric.araujo, jcea, r.david.murray
Date	2011-06-06.15:09:14
SpamBayes Score	6.6840453e-06
Marked as misclassified	No
Message-id	<1307372955.69.0.766886823574.issue12238@psf.upfronthosting.co.za>
In-reply-to

Content
Hi Eric, David, This means that you cannot type "python" and press <enter> in any shared directory without the risk of a malicious readlinemodule.so being imported and executed. I think this is different from a scenario where someone explicitly runs a script or imports a module in interactive mode where it is also reasonable that such a person understands the importing mechanism. Thanks for the quick responses btw! Niels

Content

Hi Eric, David,

This means that you cannot type "python" and press <enter> in any shared directory without the risk of a malicious readlinemodule.so being imported and executed.  

I think this is different from a scenario where someone explicitly runs a script or imports a module in interactive mode where it is also reasonable that such a person understands the importing mechanism.

Thanks for the quick responses btw!

Niels

History
Date	User	Action	Args
2011-06-06 15:09:15	Niels.Heinen	set	recipients: + Niels.Heinen, jcea, eric.araujo, r.david.murray
2011-06-06 15:09:15	Niels.Heinen	set	messageid: <1307372955.69.0.766886823574.issue12238@psf.upfronthosting.co.za>
2011-06-06 15:09:15	Niels.Heinen	link	issue12238 messages
2011-06-06 15:09:14	Niels.Heinen	create