From: Guido van Rossum <guido@python.org>
Date: Sun, 15 Sep 2002 06:08:27 +0000 (+0000)
Subject: Backport (the relevant part of) rexec.py 1.41.
X-Git-Tag: v2.2.2b1~171
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=d412a12fb76234d22e694c09812b8639fd14c7a9;p=thirdparty%2FPython%2Fcpython.git

Backport (the relevant part of) rexec.py 1.41.

Address SF bug #577530: del __builtins__ breaks out of rexec

Using the suggestion there: add_module() forces __builtin__ back; this
fixes r_exec, r_eval, r_execfile.

This does not mean that rexec is now considered safe!  But for those
willing to take the risk, it's safer than before.  (Note that a safety
analysis of the code module would be wise if you plan to use the
interactive console for real -- I've only ever used it to play with
restricted mode.)
---

diff --git a/Lib/rexec.py b/Lib/rexec.py
index 04ff405fcf0e..0966d1278935 100644
--- a/Lib/rexec.py
+++ b/Lib/rexec.py
@@ -288,9 +288,9 @@ class RExec(ihooks._Verbose):
     # Add a module -- return an existing module or create one
 
     def add_module(self, mname):
-        if self.modules.has_key(mname):
-            return self.modules[mname]
-        self.modules[mname] = m = self.hooks.new_module(mname)
+        m = self.modules.get(mname)
+        if m is None:
+            self.modules[mname] = m = self.hooks.new_module(mname)
         m.__builtins__ = self.modules['__builtin__']
         return m