[Python-Dev] Restricted interpreter
Guido van Rossum
guido@python.org
Fri, 08 Nov 2002 18:00:47 -0500
> > Maybe you can use the time you were going to spend on reinventing
> > rexec for a security audit instead...
>
> Good idea. Here's a first major problem:
>
> class S(str):
> def __eq__(self, obj):
> return 1
> open("/tmp/foo", S("w")).write("Ouch!")
>
> I'll keep looking..
Can you collect those in the SF bug tracker?
(Patches would be great too, of course. ;-)
--Guido van Rossum (home page: http://www.python.org/~guido/)