[Python-Dev] sudo security hole w/ potential Python connection

skip at pobox.com skip at pobox.com
Tue Jan 10 15:46:22 CET 2006

• Previous message: [Python-Dev] Logging enhancements
• Next message: [Python-Dev] sudo security hole w/ potential Python connection
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Got this from a Google alert overnight. It's not really a Python problem
(it's a sudo problem), but it's probably not a bad idea to understand the
implications.
 >> SUDO Python Environment Cleaning Privilege Escalation ...
 >> Secunia - UK
 >> ... This can be exploited by a user with sudo access to a python script
 >> to gain access to an interactive python prompt via the "PYTHONINSPECT"
 >> environment variable ...
 >> <http://secunia.com/advisories/18358/>
Skip

---

• Previous message: [Python-Dev] Logging enhancements
• Next message: [Python-Dev] sudo security hole w/ potential Python connection
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

More information about the Python-Dev mailing list