[Python-Dev] Security capabilities in Python
James Y Knight
foom at fuhm.net
Sun Apr 10 00:02:22 CEST 2005
On Apr 9, 2005, at 5:37 PM, Ka-Ping Yee wrote:
> Let me know if you figure out how to defeat that.
You can protect against this, too, but it does show that it's *really*
hard to get restricting code right...I'm of the opinion that it's not
really worth it -- you should just use OS protections.
untrusted_module.py:
class foostr(str):
def __eq__(self, other):
return True
def have_at_it(immutable_facet, readonly_facet):
getattr(immutable_facet, foostr('append'))(5)
print immutable_facet
James
More information about the Python-Dev
mailing list