Serious privacy leak in Python for Windows

Aahz Maruch aahz at panix.com
Wed Jan 16 12:57:32 CET 2002


[posted & e-mailed]

In article <3C44FEC0.6060508 at skippinet.com.au>,
Mark Hammond  <mhammond at skippinet.com.au> wrote:
>
>So: to disable ALL Python Active Scripting on your machine, simply execute:
>Z:\>win32comext\axscript\client\pyscript.py --unregister
>
>This will close the loophole, but also prevent ASP, WSH etc from working.
>
>Later versions of win32all/ActivePython will be setup so that ASP etc
>work by default, but you will need to manually register an alternative
>COM object for use with IE.

Just to be clear, precisely what versions of Python need this fix?  Does
this apply only to ActiveState Python, does it apply to anyone who
downloads win32all, or does it apply to all Python downloads for
Windows?
-- 
                      --- Aahz  <*>  (Copyright 2002 by aahz at pobox.com)

Hugs and backrubs -- I break Rule 6                 http://www.rahul.net/aahz/
Androgynous poly kinky vanilla queer het Pythonista   

"There are times when effort is important and necessary, but this should
not be taken as any kind of moral imperative."  --jdecker



More information about the Python-list mailing list