Message252012
| Author |
Hiroki Kiyohara |
| Recipients |
Hiroki Kiyohara |
| Date |
2015年10月01日.09:26:41 |
| SpamBayes Score |
-1.0 |
| Marked as misclassified |
Yes |
| Message-id |
<1443691601.94.0.65090362489.issue25288@psf.upfronthosting.co.za> |
| In-reply-to |
| Content |
Running `python` interpreter will import `readline.py` file in current directory.
It causes unexpected code execution.
This problem is reported by 'Japan Vulnerability Notes' as a bug on
Windows version Python http://jvn.jp/jp/JVN49503705/
It says that when we run Windows version python will import `readline.pyd` file in current directory. And it may run unexpected codes with permission assigned to python.exe.
The line causing this problem may be...
https://github.com/python/cpython/blob/2.7/Lib/code.py#L303
Should it be considered as vulnerability of python (or Windows version python)? |
|
History
|
|---|
| Date |
User |
Action |
Args |
| 2015年10月01日 09:26:41 | Hiroki Kiyohara | set | recipients:
+ Hiroki Kiyohara |
| 2015年10月01日 09:26:41 | Hiroki Kiyohara | set | messageid: <1443691601.94.0.65090362489.issue25288@psf.upfronthosting.co.za> |
| 2015年10月01日 09:26:41 | Hiroki Kiyohara | link | issue25288 messages |
| 2015年10月01日 09:26:41 | Hiroki Kiyohara | create |
|