Disabling rexec for ActiveScripting in Local Intranet Zone?
Mark Hammond
mhammond at skippinet.com.au
Fri Mar 15 23:20:11 EST 2002
Mark Hammond wrote:
Oops - premature send :)
> To disable rexec, open pyscript.py and locate the following block:
> def RegisterNamedItem(self, item):
> if self.rexec_env is None:
> if self.safetyOptions:
> # Use RExec.
> self.rexec_env = AXRExec(self.globalNameSpaceModule)
> else:
> # DONT use RExec.
> self.rexec_env = AXNotRExec(self.globalNameSpaceModule)
and modify the code accordingly.
Of course, it seems to me that even better would be a fix so that if IE
has had the security restrictions lifted, then RExec is not used. I
will try and remember to look into this (but feel free to add a new bug
in the ActivePython bug database)
Mark.
More information about the Python-list
mailing list