Bugs item #1546203, was opened at 2006-08-24 15:30 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=105470&aid=1546203&group_id=5470
Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: 3rd Party Status: Open Resolution: None Priority: 5 Submitted By: Jim Jewett (jimjjewett) Assigned to: Nobody/Anonymous (nobody) Summary: bcannon secure branch issues Initial Comment: Referring to http://svn.python.org/view/python/ branches/bcannon-sandboxing/ securing_python.txt?view=markup but there doesn't seem to be a group/category for feedback on branches. The sys module should *not* be shared between interpreters, even though it is an extension module. (If need be, each sys module can be a proxy that itself imports from the "real" sys.) sys should probably also be filled explicitly on creation, like builtins. (And the same for os, os.path?) Note that this will affect which sys.attributes should be available (perhaps read-only) or hidden by default - - and that should really only be by default. For specific examples: + some programs modify sys.argv to communicated between modules. So long as the initial value of sys.argv is set to something sufficiently discreet, there should be no problem letting them continue to do so. + The current draft hides sys.subversion (revealing unpatched bugs?) but shows sys.version (which reveals the same information, at a coarser grain). + getdefaultencoding may compromise privacy information, particularly for smaller languages. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=105470&aid=1546203&group_id=5470 _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
