Message158199
A bit of experimentation indicates that for regular file access, there probably is no security problem, but bad paths will look in weird places, and if they find a file of the right name, will return it. It would be much better to diagnose such paths. There is even a comment to that effect in translate_path. |
|
Date |
User |
Action |
Args |
2012-04-13 08:02:47 | v+python | set | recipients:
+ v+python, orsenthil |
2012-04-13 08:02:47 | v+python | set | messageid: <1334304167.85.0.0823682408865.issue14567@psf.upfronthosting.co.za> |
2012-04-13 08:02:47 | v+python | link | issue14567 messages |
2012-04-13 08:02:47 | v+python | create | |
|