En Mon, 05 Feb 2007 19:13:04 -0300, Johann C. Rocholl <[EMAIL PROTECTED]> escribió:
> The following is my first attempt at adding a taint feature to Python > to prevent os.system() from being called with untrusted input. What do > you think of it? A simple reload(os) will drop all your wrapped functions, leaving the original ones. I suppose you don't intend to publish the SafeString class - but if anyone can get a SafeString instance in any way or another, he can convert *anything* into a SafeString trivially. And tainted() returns False by default????? Sorry but in general, this won't work :( -- Gabriel Genellina -- http://mail.python.org/mailman/listinfo/python-list
