git.ipfire.org Git - thirdparty/Python/cpython.git/commit

]> git.ipfire.org Git - thirdparty/Python/cpython.git/commit

projects / thirdparty / Python / cpython.git / commit

author	Guido van Rossum <guido@python.org>
	Fri, 31 May 2002 21:19:53 +0000 (21:19 +0000)
committer	Guido van Rossum <guido@python.org>
	Fri, 31 May 2002 21:19:53 +0000 (21:19 +0000)
commit	c883ad633c45540a82788d3e69d1aeca5e18ebe1
tree	8363812ded2a92a6e1d31a1054daa8bd1133c40b	tree \| snapshot
parent	a5fd7ba939d07fcc8788d19d72b499bb91ebcacf	commit \| diff

Backport to 2.1.x:

SF bug 533625 (Armin Rigo). rexec: potential security hole

If a rexec instance allows writing in the current directory (a common
thing to do), there's a way to execute bogus bytecode. Fix this by
not allowing imports from .pyc files (in a way that allows a site to
configure things so that .pyc files *are* allowed, if writing is not
allowed).

Doc/lib/librexec.tex		diff \| blob \| blame \| history
Lib/rexec.py		diff \| blob \| blame \| history

Mirror of https://github.com/python/cpython.git

RSS Atom