[issue5753] CVE-2008-5983 python: untrusted python modules search path
Tomas Hoger
report at bugs.python.org
Thu Jul 16 09:03:51 CEST 2009
Tomas Hoger <thoger at redhat.com> added the comment:
This is not really the same thing as issue 946373. That one seems to be
about adding script's directory as the first thing in sys.path.
Comments there seem to mix both interactive ('' in sys.path) and
non-interactive (os.path.dirname(os.path.abspath(sys.argv[0])) in
sys.path) python uses, while CVE-2008-5983 is only about '' in sys.path,
mostly related to embedded use, rather than for python interpreter itself.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue5753>
_______________________________________
More information about the Python-bugs-list
mailing list