tav <tav <at> espians.com> writes: > > I've fixed this hole in safelite.py, but would be interested to know > if there are other non-user-initiated dynamically imported modules?
You'd better make __builtins__ read-only, it will plug a whole class of attacks like this. _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
