Message 174469 - Python tracker

➜

This issue tracker has been migrated to GitHub , and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

In-reply-to
Author	skrah
Recipients	Arfrever, Ramchandra Apte, asvetlov, gpolo, mark.dickinson, pitrou, skrah, terry.reedy, zach.ware
Date	2012年11月01日.20:18:00
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1351801080.77.0.179401829501.issue16248@psf.upfronthosting.co.za>

Content
Isn't IDLE supposed to be a Python shell? As I understand this issue, you'd have the same "exploit" by adding this to your .bashrc: echo "EXPLOIT" > /root/exploit Then, as a normal user, run: sudo bash It would be nice to get rid of the exec, but why is this an exploit?

Content

Isn't IDLE supposed to be a Python shell? As I understand this issue,
you'd have the same "exploit" by adding this to your .bashrc:
echo "EXPLOIT" > /root/exploit
Then, as a normal user, run:
sudo bash
It would be nice to get rid of the exec, but why is this an exploit?

History
Date	User	Action	Args
2012年11月01日 20:18:00	skrah	set	recipients: + skrah, terry.reedy, mark.dickinson, pitrou, gpolo, Arfrever, asvetlov, Ramchandra Apte, zach.ware
2012年11月01日 20:18:00	skrah	set	messageid: <1351801080.77.0.179401829501.issue16248@psf.upfronthosting.co.za>
2012年11月01日 20:18:00	skrah	link	issue16248 messages
2012年11月01日 20:18:00	skrah	create

homepage