Message 252012 - Python tracker (original) (raw)
Message252012
Author | Hiroki Kiyohara |
---|---|
Recipients | Hiroki Kiyohara |
Date | 2015-10-01.09:26:41 |
SpamBayes Score | -1.0 |
Marked as misclassified | Yes |
Message-id | 1443691601.94.0.65090362489.issue25288@psf.upfronthosting.co.za |
In-reply-to |
Content |
---|
Running `python` interpreter will import `readline.py` file in current directory. It causes unexpected code execution. This problem is reported by 'Japan Vulnerability Notes' as a bug on Windows version Python http://jvn.jp/jp/JVN49503705/ It says that when we run Windows version python will import `readline.pyd` file in current directory. And it may run unexpected codes with permission assigned to python.exe. The line causing this problem may be... https://github.com/python/cpython/blob/2.7/Lib/code.py#L303 Should it be considered as vulnerability of python (or Windows version python)? |
History | |||
---|---|---|---|
Date | User | Action | Args |
2015-10-01 09:26:41 | Hiroki Kiyohara | set | recipients: + Hiroki Kiyohara |
2015-10-01 09:26:41 | Hiroki Kiyohara | set | messageid: 1443691601.94.0.65090362489.issue25288@psf.upfronthosting.co.za |
2015-10-01 09:26:41 | Hiroki Kiyohara | link | issue25288 messages |
2015-10-01 09:26:41 | Hiroki Kiyohara | create |