OT: What's up with the starship?

A.M. Kuchling amk at amk.ca
Tue Oct 17 13:58:48 CEST 2006


On Mon, 16 Oct 2006 14:50:03 -0500, 
	skip at pobox.com <skip at pobox.com> wrote:
> suggests that it was sufficiently obscure that either a) nobody who knew
> about it found a way to take advantage of it, or b) it was only recently

It might well be difficult to exploit to run arbitrary code because
your exploit code needs to have no unprintable bytes in it; repr()
turns unprintable characters into \xNN, after all, and isn't doing a
straightforward string copy.  (But hackers can be very clever...)

--amk



More information about the Python-list mailing list