On Thu, Mar 5, 2015 at 12:39 AM, Dave Farrance <[email protected]> wrote: > Ben Finney <[email protected]> wrote: > >>Chris Angelico <[email protected]> writes: >> >>> import base64; exec(…) >> >>That's all I need to know. Code with ‘exec()’ calls, I consider unsafe >>by default. > > Indeed. replacing exec with print... > >>>> print(base64.b64decode(b"eD0neD0lcjsgZXhlYyh4JSV4KSc7IGV4ZWMoeCV4KQ==")) > x='x=%r; exec(x%%x)'; exec(x%x) > > so, discarding that second exec... > >>>> x='x=%r; exec(x%%x)' >>>> print(x) > x=%r; exec(x%%x) > > So it recurses, and if that second exec had been left in then it would be > a fork bomb.
In order to be a fork bomb, it would have to call fork at some point. This is just a race to see whether you'll run out of memory before the recursion limit is reached. -- https://mail.python.org/mailman/listinfo/python-list
