Message 53427 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	phr
Recipients
Date	2003-02-14.04:47:45
SpamBayes Score
Marked as misclassified
Message-id
In-reply-to

Content
Logged In: YES user_id=72053 With new-style classes, maybe this can be done by subclassing string somehow. There would be a subclass for tainted strings and trying to do most things with them would raise an exception. With taint checking enabled, functions like os.getenv and cgi.FieldStorage would make objects containing tainted strings. You'd untaint them by passing them to re.search or re.match and pulling out the match variables, like in Per.

Logged In: YES 
user_id=72053

With new-style classes, maybe this can be done by
subclassing string somehow.  There would be a subclass for
tainted strings and trying to do most things with them would
raise an exception.  With taint checking enabled, functions
like os.getenv and cgi.FieldStorage would make objects
containing tainted strings.  You'd untaint them by passing
them to re.search or re.match and pulling out the match
variables, like in Per.

History
Date	User	Action	Args
2007-08-23 16:01:57	admin	link	issue500698 messages
2007-08-23 16:01:57	admin	create