Executing untrusted code

Steven D'Aprano steve at REMOVE-THIS-cybersource.com.au
Thu Aug 20 20:42:24 CEST 2009


On Thu, 20 Aug 2009 08:16:51 -0700, Emanuele D'Arrigo wrote:

> In what ways would the untrusted string be able to obtain the original,
> built-in open function and open a file for writing?

On a related topic, you should read this post here:

http://tav.espians.com/a-challenge-to-break-python-security.html


-- 
Steven



More information about the Python-list mailing list