[Catalog-sig] Attempts to hack pypi?

"Martin v. Löwis" martin at v.loewis.de
Fri Dec 2 23:42:45 CET 2011

> ...which looks a lot like someone trying to hack information from the
> PyPI server, so thought I'd let you know...

People are encouraged to review the code, but I'm fairly sure that these
attempts are futile. ISTM that this is a generic attack to try to fill
out parameters that remotely look like file names with what the attacker
thinks might also be valid filenames.

You can find the :action processing in inner_run of



More information about the Catalog-SIG mailing list