[issue6990] threading.local subclasses don't cleanup their state and it gets recycled
Philip Jenvey
report at bugs.python.org
Fri Sep 25 19:26:08 CEST 2009
Philip Jenvey <pjenvey at users.sourceforge.net> added the comment:
Also I've tagged this as a (potential) security issue. E.g. if a web app
were affected, one user could potentially access another's data.
I actually noticed it in the Beaker sessioning/caching middleware (used by
Pylons and other web frameworks). Though it only manifested itself as an
exception in Beaker, others may not be so lucky
So I'd like to apply the ultimate fix all the way down to at least the 2.5
branch
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue6990>
_______________________________________
More information about the Python-bugs-list
mailing list