<[EMAIL PROTECTED]> escribió en el mensaje news:[EMAIL PROTECTED]
> http://www.ddj.com/184405774;jsessionid=BDDEMUGJOPXUMQSNDLQCKHSCJUNN2JVN > > I saw a warning from homeland security about this. I only comment on > the because I am trying to use os.system('command1 arg') and it doesn't > work but I do see examples with % that is borrowed from the c language. > Seems like if I can write a batch file that does something the same > behavior should happen in the os module.. Pure Python programs are not affected, but a review of the C implementation should be made to see if any (variant of) printf is used without a proper format. Anyway I doubt you could find something, because the vulnerability is so well known for ages. -- Gabriel Genellina -- http://mail.python.org/mailman/listinfo/python-list
