Message239008
we are all consenting adults here. Why do you modify a private attribute?
> I am changing the type to security as I dont think this is a behaviour issue.
I don't understand why do you consider that it is a security vulnerability?
>>> import hack_uname
# Someone imports my module unaware of the hack (see attached file)
Your exploit starts by running untrusted Python code. Never do that. The vulnerability is the ability to load unstrusted Python code, not to modify the platform module.
I close the issue as not a bug. |
|
Date |
User |
Action |
Args |
2015-03-23 10:43:46 | vstinner | set | recipients:
+ vstinner, pythonhacker |
2015-03-23 10:43:46 | vstinner | set | messageid: <1427107426.02.0.315685054827.issue23748@psf.upfronthosting.co.za> |
2015-03-23 10:43:45 | vstinner | link | issue23748 messages |
2015-03-23 10:43:45 | vstinner | create | |
|