➜
This issue tracker has been migrated to GitHub,
and is currently read-only.
For more information,
see the GitHub FAQs in the Python's Developer Guide.
Created on 2006-08-24 19:30 by jimjjewett, last changed 2022-04-11 14:56 by admin. This issue is now closed.
| Messages (2) | |||
|---|---|---|---|
| msg29678 - (view) | Author: Jim Jewett (jimjjewett) | Date: 2006-08-24 19:30 | |
Referring to http://svn.python.org/view/python/ branches/bcannon-sandboxing/ securing_python.txt?view=markup but there doesn't seem to be a group/category for feedback on branches. The sys module should *not* be shared between interpreters, even though it is an extension module. (If need be, each sys module can be a proxy that itself imports from the "real" sys.) sys should probably also be filled explicitly on creation, like builtins. (And the same for os, os.path?) Note that this will affect which sys.attributes should be available (perhaps read-only) or hidden by default - - and that should really only be by default. For specific examples: + some programs modify sys.argv to communicated between modules. So long as the initial value of sys.argv is set to something sufficiently discreet, there should be no problem letting them continue to do so. + The current draft hides sys.subversion (revealing unpatched bugs?) but shows sys.version (which reveals the same information, at a coarser grain). + getdefaultencoding may compromise privacy information, particularly for smaller languages. |
|||
| msg29679 - (view) | Author: Brett Cannon (brett.cannon) *  |
Date: 2006-08-24 20:57 | |
Logged In: YES user_id=357491 The 'sys' module won' be shared since it is unique per interpreter at the C level. |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:56:19 | admin | set | github: 43892 |
| 2006-08-24 19:30:19 | jimjjewett | create | |