git.ipfire.org Git - thirdparty/Python/cpython.git/commit

]> git.ipfire.org Git - thirdparty/Python/cpython.git/commit

projects / thirdparty / Python / cpython.git / commit

author	Guido van Rossum <guido@python.org>
	Fri, 31 May 2002 21:17:53 +0000 (21:17 +0000)
committer	Guido van Rossum <guido@python.org>
	Fri, 31 May 2002 21:17:53 +0000 (21:17 +0000)
commit	6ad0a79c0705df9eb2a3ddfce187f293497d2ba0
tree	2f175259612098ed929d56cd9bcf1ef7dce78d8c	tree \| snapshot
parent	fed8cc1d3e6a610e35b3c61b1aa15ef633ddd89f	commit \| diff

Backport to 2.2.x:

SF bug 533625 (Armin Rigo). rexec: potential security hole

If a rexec instance allows writing in the current directory (a common
thing to do), there's a way to execute bogus bytecode. Fix this by
not allowing imports from .pyc files (in a way that allows a site to
configure things so that .pyc files *are* allowed, if writing is not
allowed).

Doc/lib/librexec.tex		diff \| blob \| blame \| history
Lib/rexec.py		diff \| blob \| blame \| history

Mirror of https://github.com/python/cpython.git

RSS Atom