Vajrasky Kok added the comment: Hi, Senthil Kumaran, thank you for your review.
I have one small complain about your improved patch. Perhaps we need to give security warning when they want to use allow_dotted_names feature in the documentation. I omitted the warning in the demo because it is just a demo. >From the source code (Lib/xmlrpc/server.py): *** SECURITY WARNING: *** Enabling the allow_dotted_names options allows intruders to access your module's global variables and may allow intruders to execute arbitrary code on your machine. Only use this option on a secure, closed network. Whether we want to give a separate example without allow_dotted_names feature or using example without allow_dotted_names feature entirely, I am not really sure. What do you say? ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue19082> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com