Message173000
I should point out that there is also dangerous code in Lib/test/test_subprocess.py in the test_cwd() function. There, the following is executed from /tmp:
python -c 'import sys,os; sys.stdout.write(os.getcwd())'
As Python luckily knows where to import sys and os from, this doesn't seem exploitable, but it should be fixed. |
|
Date |
User |
Action |
Args |
2012-10-15 20:24:59 | jdemeyer | set | recipients:
+ jdemeyer, georg.brandl, ncoghlan, vstinner, christian.heimes, schmir, robertwb, benjamin.peterson, tarek, eric.araujo, Arfrever, iankko, eric.snow, hynek, Alan.Williams, vbraun, hasufell |
2012-10-15 20:24:59 | jdemeyer | set | messageid: <1350332699.19.0.739265778461.issue16202@psf.upfronthosting.co.za> |
2012-10-15 20:24:59 | jdemeyer | link | issue16202 messages |
2012-10-15 20:24:59 | jdemeyer | create | |
|