Using python from a browser/security hole
Neil Hodgson
nyamatongwe+gravity at gmail.com
Fri Apr 15 20:32:23 EDT 2005
Philippe:
> Would Jpython let me do that ?
> Would java let me call an external Python script - which in turn would
> access my device ?
Not without asking for more permissions than accessing the device as
being able to execute arbitrary code is very dangerous. Think of this
from the point of view of someone trying to stop malicious code from
executing because of visiting a web page. There are various ways to
install code that can be called from web pages such as installing COM
objects or writing browser extensions but you will have to get the user
to allow these and they may not have permission to do so. Often they
won't know how to allow this so you will have to write up detailed
instructions after exploring the area thoroughly yourself.
Neil
More information about the Python-list
mailing list