Disabling rexec for ActiveScripting in Local Intranet Zone?

Mark Hammond mhammond at skippinet.com.au
Fri Mar 15 23:20:11 EST 2002


Mark Hammond wrote:

Oops - premature send :)


> To disable rexec, open pyscript.py and locate the following block:
>     def RegisterNamedItem(self, item):
>         if self.rexec_env is None:
>             if self.safetyOptions:
>                 # Use RExec.
>                 self.rexec_env = AXRExec(self.globalNameSpaceModule)
>             else:
>                 # DONT use RExec.
>                 self.rexec_env = AXNotRExec(self.globalNameSpaceModule)

and modify the code accordingly.

Of course, it seems to me that even better would be a fix so that if IE 
has had the security restrictions lifted, then RExec is not used.  I 
will try and remember to look into this (but feel free to add a new bug 
in the ActivePython bug database)

Mark.





More information about the Python-list mailing list