[Python-Dev] PEP 215 redux: toward a simplified consensus?
Martin v. Loewis
martin@v.loewis.de
25 Feb 2002 23:25:48 +0100
25 Feb 2002 23:25:48 +0100
- Previous message: [Python-Dev] PEP 215 redux: toward a simplified consensus?
- Next message: [Python-Dev] PEP 215 redux: toward a simplified consensus?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
barry@zope.com (Barry A. Warsaw) writes: > JE> i.e., the translator (or other person who can influence the > JE> format string) can access other information in the dict you > JE> pass in, even if you didn't intend it. > > That's a very interesting vulnerability you bring up! That's not a vulnerability. It assumes that the translator is an attacker, or that the attacker can change the catalogs. If he is or can, you could not trust them, anyway, as they could cause arbitrary other failures, as well. Regards, Martin
- Previous message: [Python-Dev] PEP 215 redux: toward a simplified consensus?
- Next message: [Python-Dev] PEP 215 redux: toward a simplified consensus?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]