why use special config formats?
Fredrik Lundh
fredrik at pythonware.com
Sat Mar 11 10:16:11 EST 2006
"gangesmaster" wrote:
> > Binary configs only keep out legitimate users who don't have the time or
> > ability to learn how to hack the binary format. Black hats and power users
> > will break your binary format and hack them anyway.
>
> then you dont know what pickle is. pickle code is NOT python bytecode.
> it's a bytecode they made in order to represent objects. you cannot
> "exploit" in in the essence of running arbitrary code
import pickle
print pickle.loads("cos\nsystem\np0\n(S'echo really?'\np1\ntp2\nRp3\n.")
</F>
More information about the Python-list
mailing list