This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author gpolo
Recipients Arfrever, Ramchandra Apte, asvetlov, gpolo, mark.dickinson, pitrou, skrah, terry.reedy, zach.ware
Date 2012-11-01.20:49:42
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <CADrNvOetxwCjNVF9G_DDxsYhSKejcaDnTOm8_hsj7FZyCqcBMQ@mail.gmail.com>
In-reply-to <1351801597.97.0.427429050266.issue16248@psf.upfronthosting.co.za>
Content
It is not IDLE specific. But I still fail to see how this actually is a
security bug. It doesn't give more power to the user than the user already
gave to it. If you are recklessly installing untrusted libraries or
anything for the matter, then you already have a lot of other problems.

Anyways, I would still go with my earlier option because I never used this
piece of code.

2012/11/1 Antoine Pitrou <report@bugs.python.org>

>
> Antoine Pitrou added the comment:
>
> As I understand it, this is not specifically about IDLE. Any Tk app would
> be vulnerable.
>
> ----------
>
> _______________________________________
> Python tracker <report@bugs.python.org>
> <http://bugs.python.org/issue16248>
> _______________________________________
>
History
Date User Action Args
2012-11-01 20:49:42gpolosetrecipients: + gpolo, terry.reedy, mark.dickinson, pitrou, Arfrever, asvetlov, skrah, Ramchandra Apte, zach.ware
2012-11-01 20:49:42gpololinkissue16248 messages
2012-11-01 20:49:42gpolocreate