To all ActivePython users on Windows,
It was recently pointed out on comp.lang.python that there is a privacy issue
in the ActiveScripting support in the Python for Windows extensions, which
are a standard part of an ActivePython installation on Windows:
http://aspn.activestate.com/ASPN/Mail/Message/python-list/984469
In the words of Mark Hammond, the maintainer of the Python for Windows
extensions:
The basic issue is that the contents of your hard disk could be read by
an arbitrary web page. These pages are not capable of modifying the
contents of your disk, but almost any file on the disk can be read.
It is extremely unlikely that anyone would use this for any kind of
privacy invasion. The total number of computers with these extensions
installed is so tiny compared to the number of web browsers that no
useful information would be able to be gathered. The chances of hitting
a user with Python installed is negligible.
That said, it is a hole worth closing.
http://starship.python.net/crew/mhammond/win32/PrivacyProblem.html
Please see this link for steps that you can take (and that we recommend you
take) to fix the problem.
Note that all current ActivePython releases are affected. Subsequent
ActivePython releases will include Mark's fix.
Sincerely,
Trent
--
Trent Mick
ActivePython maintainer
[EMAIL PROTECTED]
_______________________________________________
ActivePython mailing list
[EMAIL PROTECTED]
http://listserv.ActiveState.com/mailman/listinfo/activepython
