Le samedi 28 janvier 2006 à 13:35 +0900, Junichi Uekawa a écrit : > http://lists.debian.org/debian-security/2006/01/msg00010.html > > I think the conclusion about LD_PATH was > python includes the 'current directory of the executed binary' > ruby includes the 'current directory', thus unsafe.
That's right. Any python script that may be put in an unsafe directory
should first call:
import sys
sys.path.remove('')
--
.''`. Josselin Mouette /\./\
: :' : [EMAIL PROTECTED]
`. `' [EMAIL PROTECTED]
`- Debian GNU/Linux -- The power of freedom
signature.asc
Description: Ceci est une partie de message numériquement signée
