[Python-Dev] Some news from my sandbox project (original) (raw)
Greg Ewing greg.ewing at canterbury.ac.nz
Sat Sep 18 10:24:49 CEST 2010
- Previous message: [Python-Dev] Some news from my sandbox project
- Next message: [Python-Dev] Some news from my sandbox project
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Victor Stinner wrote:
I'm still developing irregulary my sandbox project since last june.
Today, the biggest problem is the creation of a read only view of the builtins dictionary.
Why do you think you need to do this? What form of attack would a writable builtins expose you to that would be prevented by making it read-only?
Seems to me that the only way you could exploit a writable builtins would be to put a function in there that does something bad. But if you can create or obtain such a function in the first place, you can just call it directly.
-- Greg
- Previous message: [Python-Dev] Some news from my sandbox project
- Next message: [Python-Dev] Some news from my sandbox project
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]