Le samedi 28 janvier 2006 à 13:35 +0900, Junichi Uekawa a écrit : > http://lists.debian.org/debian-security/2006/01/msg00010.html > > I think the conclusion about LD_PATH was > python includes the 'current directory of the executed binary' > ruby includes the 'current directory', thus unsafe.
That's right. Any python script that may be put in an unsafe directory should first call: import sys sys.path.remove('') -- .''`. Josselin Mouette /\./\ : :' : [EMAIL PROTECTED] `. `' [EMAIL PROTECTED] `- Debian GNU/Linux -- The power of freedom
signature.asc
Description: Ceci est une partie de message numériquement signée