Serious privacy leak in Python for Windows

Don Tuttle tuttledon at
Wed Jan 16 00:27:19 EST 2002

"Mark Hammond"
> So, rather than to fix this hole, I think the best solution is to
> disable "safe" scripting by the Python Scripting engine.  This will mean
> ASP, WSH etc. will continue to work, but IE will refuse to execute the
> scripts.

Not quite sure what you mean.  I found that disabling "Scipt ActiveX
controls marked safe for scripting" has no effect in IE6.  The test page still works.

It took disabling "Scripting:Active Scripting" to keep IE from running the
web page's code.  This stops all scripting, not just Python.


More information about the Python-list mailing list