[Python-checkins] python/dist/src/Doc/lib librexec.tex,1.19,1.20

fdrake@users.sourceforge.net fdrake@users.sourceforge.net
Tue, 27 Aug 2002 09:46:08 -0700


Update of /cvsroot/python/python/dist/src/Doc/lib
In directory usw-pr-cvs1:/tmp/cvs-serv19759/Doc/lib

Modified Files:
	librexec.tex 
Log Message:
Add strong security warning about the rexec module.
Closes SF patch #600861.

Minor markup changes.


Index: librexec.tex
===================================================================
RCS file: /cvsroot/python/python/dist/src/Doc/lib/librexec.tex,v
retrieving revision 1.19
retrieving revision 1.20
diff -C2 -d -r1.19 -r1.20
*** librexec.tex	31 May 2002 21:12:53 -0000	1.19
--- librexec.tex	27 Aug 2002 16:46:06 -0000	1.20
***************
*** 6,10 ****
  
  
- 
  This module contains the \class{RExec} class, which supports
  \method{r_eval()}, \method{r_execfile()}, \method{r_exec()}, and
--- 6,9 ----
***************
*** 16,23 ****
  can subclass \class{RExec} to add or remove capabilities as desired.
  
! \note{The \class{RExec} class can prevent code from performing
! unsafe operations like reading or writing disk files, or using TCP/IP
! sockets.  However, it does not protect against code using extremely
! large amounts of memory or processor time.}
  
  \begin{classdesc}{RExec}{\optional{hooks\optional{, verbose}}}
--- 15,35 ----
  can subclass \class{RExec} to add or remove capabilities as desired.
  
! \begin{notice}[warning]
!   While the \module{rexec} module is designed to perform as described
!   below, it does have a few known vulnerabilities which could be
!   exploited by carefully written code.  Thus it should not be relied
!   upon in situations requiring ``production ready'' security.  In such
!   situations, execution via sub-processes or very careful
!   ``cleansing'' of both code and data to be processed may be
!   necessary.  Alternatively, help in patching known \module{rexec}
!   vulnerabilities would be welcomed.
! \end{notice}
! 
! \begin{notice}
!   The \class{RExec} class can prevent code from performing unsafe
!   operations like reading or writing disk files, or using TCP/IP
!   sockets.  However, it does not protect against code using extremely
!   large amounts of memory or processor time.
! \end{notice}
  
  \begin{classdesc}{RExec}{\optional{hooks\optional{, verbose}}}
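
Review bot: The retained second \begin{notice} still states without qualification that \class{RExec} "can prevent code from performing unsafe operations like reading or writing disk files, or using TCP/IP sockets", directly below a new warning that the module has known vulnerabilities. A reader who skims may take the second notice as a guarantee. Suggest rewording it to "is designed to prevent", or folding it into the warning, so the two blocks do not contradict each other. The warning also refers to "a few known vulnerabilities" without naming them or pointing to where they are tracked; a reference (the log message cites SF patch #600861) would let readers judge their own exposure. Last, "very careful ``cleansing'' of both code and data" is offered next to sub-process execution as if it were comparable, but the text does not say what cleansing involves; either describe it or drop it in favour of the sub-process recommendation.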