This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author gvanrossum
Recipients
Date 2002-08-17.20:01:57
SpamBayes Score
Marked as misclassified
Message-id
In-reply-to
Content
Logged In: YES 
user_id=6380

I find it hard to believe that putting __builtins__ back
once per r_exec() call would be sufficient.

What if someone wrote "del __builtins__; import socket" ?

Backporting to 2.1 sounds like giving people a false sense
of security. If there's a message to be gotten out, it is
"don't trust rexec". This fix doesn't make me more confident
but less (even if applied).
History
Date User Action Args
2007-08-23 14:02:49adminlinkissue577530 messages
2007-08-23 14:02:49admincreate