Author tseaver
Recipients
Date 2005-02-16.21:34:03
SpamBayes Score
Marked as misclassified
Message-id
In-reply-to
Content 
This change breaks an obscure bit of Zope's security
machinery,
which uses the __name__ of a function to construct the
synthetic
attribute name under which the roles for a method are
stored.

$ ../bin/python2.3
Python 2.3.4 (#3, Jan 27 2005, 10:46:13)
[GCC 3.3.4 (Debian 1:3.3.4-9ubuntu5)] on linux2
Type "help", "copyright", "credits" or "license" for
more information.
>>> code = """\
... def func():
...     pass
... print func.__name__
... """
>>> exec code
func
>>> globs = {'__builtins__':{}}
>>> exec code in globs
func
>>> ^D

$ ../bin/python2.4
Python 2.4 (#1, Feb 16 2005, 13:11:02)
[GCC 3.3.4 (Debian 1:3.3.4-9ubuntu5)] on linux2
Type "help", "copyright", "credits" or "license" for
more information.
>>> code = """\
... def func():
...     pass
... print func.__name__
... """
>>> exec code
func
>>> globs = {'__builtins__':{}}
>>> exec code in globs
Traceback (most recent call last):
  File "<stdin>", line 1, in ?
  File "<string>", line 3, in ?
RuntimeError: function attributes not accessible in
restricted mode
>>> ^D
History
Date User Action Args
2007-08-23 14:29:35adminlinkissue1124295 messages
2007-08-23 14:29:35admincreate