[Python-Dev] Cookie.py security (original) (raw)

Greg Stein gstein@lyra.org
Wed, 30 Aug 2000 18:53:10 -0700

• Previous message: [Python-Dev] Cookie.py security
• Next message: [Python-Dev] Cookie.py security
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Aug 30, 2000 at 09:21:23PM -0400, Jeremy Hylton wrote:

... But neither marshal nor pickle is safe. It is possible to cause a core dump by passing marshal invalid data. It may also be possible to launch a stack overflow attack -- not sure.

I believe those core dumps were fixed. Seems like I remember somebody doing some work on that.

??

Cheers, -g

-- Greg Stein, http://www.lyra.org/

• Previous message: [Python-Dev] Cookie.py security
• Next message: [Python-Dev] Cookie.py security
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]