Message271365
> Why do you need octal addresses? What is your use case? :-p
I didn't, but an attacker leveraged this to bypass security. We had checks against `127.0.0.1`, but this resolved to `177.0.0.1` incorrectly, bypassing the check. We were using `socket.gethostbyname` which yielded this.
See https://github.com/getsentry/sentry/pull/3787 for a little bit more context. |
|
Date |
User |
Action |
Args |
2016-07-26 13:30:08 | mattrobenolt | set | recipients:
+ mattrobenolt, ronaldoussoren, vstinner, ned.deily, r.david.murray, koobs, eryksun, xiang.zhang |
2016-07-26 13:30:08 | mattrobenolt | set | messageid: <1469539808.11.0.635862155523.issue27612@psf.upfronthosting.co.za> |
2016-07-26 13:30:08 | mattrobenolt | link | issue27612 messages |
2016-07-26 13:30:08 | mattrobenolt | create | |
|