The bug tracker for setuptools 0.7 or higher is on BitBucket

 

Issue59

Title [PATCH] sandbox.py replaces builtin type file with builtin function open
Priority critical Status resolved
Superseder Nosy List pje, pjenvey
Assigned To pje Keywords

Created on 2009-02-14.01:10:15 by pjenvey, last changed 2009-10-19.19:13:31 by pje.

Files
File name Uploaded Type Edit Remove
builtin_file-r66750.diff pjenvey, 2009-02-14.01:10:14 text/plain
Messages
msg413 (view) Author: pje Date: 2009-10-19.19:13:31
setuptools 0.6c10 is released with a fix for this issue.
msg366 (view) Author: pje Date: 2009-10-10.19:19:13
This patch introduces a new hole: the file() builtin will be allowed to bypass
the sandbox.  I'm implementing a replacement that will work prevent this.
msg236 (view) Author: pjenvey Date: 2009-02-14.01:10:14
builtin open changed from an alias to the file type to a function in Python 2.5. 
sandbox.py assumes file is open when replacing/restoring the two with sandboxed 
versions

Attached is a patch that removes that hardcoding

Prioritized as critical, this is evil!
History
Date User Action Args
2009-10-19 19:13:31pjesetstatus: in-progress -> resolved
messages: + msg413
2009-10-10 23:36:50pjesetstatus: chatting -> in-progress
2009-10-10 19:19:13pjesetstatus: unread -> chatting
messages: + msg366
2009-02-14 01:10:15pjenveycreate