Serious privacy leak in Python for Windows
Don Tuttle
tuttledon at hotmail.com
Wed Jan 16 00:27:19 EST 2002
"Mark Hammond"
> So, rather than to fix this hole, I think the best solution is to
> disable "safe" scripting by the Python Scripting engine. This will mean
> ASP, WSH etc. will continue to work, but IE will refuse to execute the
> scripts.
Not quite sure what you mean. I found that disabling "Scipt ActiveX
controls marked safe for scripting" has no effect in IE6. The test page
http://www.computerbytesman.com/privacy/pythondirdemo.htm still works.
It took disabling "Scripting:Active Scripting" to keep IE from running the
web page's code. This stops all scripting, not just Python.
Don
More information about the Python-list
mailing list