If your were going to program a game...

Steven D'Aprano steven at REMOVE.THIS.cybersource.com.au
Wed Jan 7 00:35:12 CET 2009

On Tue, 06 Jan 2009 10:44:39 -0700, Joe Strout wrote:

> Not that I have anything against Flash; I've started learning it just
> last week, and apart from the nasty C-derived syntax, it's quite nice.
> It has a good IDE, good performance, great portability, and it's easy to
> use.  It just surprises me that after all these years, the Python
> community hasn't done something similar.

It's bad enough that every time I go to a website using Flash, my browser 
is running untrusted code in my browser, but at least Adobe has spent a 
bucket-load of time and money making it (almost) secure. I sure as hell 
don't want arbitrary Python code running in my browser.

Oh, and even Adobe hasn't got it completely right: IBM research Mark 
Dowd has demonstrated an incredible vulnerability that allows a 
single Trojan to exploit Flash in either IE or Firefox while leaving 
the Flash runtime operating normally. And it can bypass Vista 
security. Although Dowd doesn't explicitly mention other OSes, I see 
no reason to believe the same technique wouldn't work on Linux.


This is not your regular buffer overflow vulnerability. Read it and weep.


More information about the Python-list mailing list