Feb. 23, 2009
5:41 p.m.
Could one of you please review:
http://codereview.appspot.com/20051
The patch is a mere 6 lines of code and provides the absolute minimum that is needed to secure the Python interpreter!
Unlike Guido, I'm not quite willing to your word for it. OTOH, the patch looks harmless (with minor corrections). It could be considered a bug fix for the current set of restricted attributes (although I do wish somebody would present a design telling what reflective attributes must be restricted and why; the current set looks arbitrary) Regards, Martin