Message 270655 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	serhiy.storchaka
Recipients	Decorater, ammar2, ned.deily, pabstersac, r.david.murray, serhiy.storchaka
Date	2016-07-17.17:38:12
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1468777092.48.0.937854422899.issue27538@psf.upfronthosting.co.za>
In-reply-to

Content
If you construct a code object with user input without a checking, the segfault is the least of your problems. The user can inject a code that formats your hard disk or steals your passwords. It is impossible to write general checker that accepts all legitimate bytecode, but rejects malicious bytecode.

If you construct a code object with user input without a checking, the segfault is the least of your problems. The user can inject a code that formats your hard disk or steals your passwords. It is impossible to write general checker that accepts all legitimate bytecode, but rejects malicious bytecode.

History
Date	User	Action	Args
2016-07-17 17:38:12	serhiy.storchaka	set	recipients: + serhiy.storchaka, ned.deily, r.david.murray, pabstersac, ammar2, Decorater
2016-07-17 17:38:12	serhiy.storchaka	set	messageid: <1468777092.48.0.937854422899.issue27538@psf.upfronthosting.co.za>
2016-07-17 17:38:12	serhiy.storchaka	link	issue27538 messages
2016-07-17 17:38:12	serhiy.storchaka	create