Re: when format strings attack

2007-01-20 Thread [EMAIL PROTECTED]
I will give the formatting a try. I noticed another formatting thing I wasn't looking for. It is possible to have a \n at the end of a word, or at least that is how it is shown and fixed through python 2.5. I had an error where 36\n isn't a number. Easy to fix though. Jeremy Sanders wrote: > S

Re: when format strings attack

2007-01-19 Thread Jeremy Sanders
Steven D'Aprano wrote: > os.system('dir -l %s' % 'text.txt') > > > Now, there is a security risk: you might set command1 yourself, and > allow the user to set args. If command1 is an external application > with a security hole, and the user provides arguments that trigger that > bug, then natur

Re: when format strings attack

2007-01-19 Thread Steven D'Aprano
On Fri, 19 Jan 2007 10:43:53 -0800, John Zenger wrote: > Perhaps it is not as severe a security risk, but pure Python programs > can run into similar problems if they don't check user input for % > codes. Please don't top-post. A: Because it messes up the order that we read things. Q: Why? A: To

Re: when format strings attack

2007-01-19 Thread Gabriel Genellina
At Friday 19/1/2007 15:43, John Zenger wrote: Perhaps it is not as severe a security risk, but pure Python programs can run into similar problems if they don't check user input for % codes. Example: >>> k = raw_input("Try to trick me: ") Try to trick me: How about %s this? >>> j = "User %s jus

Re: when format strings attack

2007-01-19 Thread Steven D'Aprano
On Fri, 19 Jan 2007 03:51:08 -0800, [EMAIL PROTECTED] wrote: > http://www.ddj.com/184405774;jsessionid=BDDEMUGJOPXUMQSNDLQCKHSCJUNN2JVN > > I saw a warning from homeland security about this. I only comment on > the because I am trying to use os.system('command1 arg') and it doesn't > work What

Re: when format strings attack

2007-01-19 Thread John Zenger
Perhaps it is not as severe a security risk, but pure Python programs can run into similar problems if they don't check user input for % codes. Example: >>> k = raw_input("Try to trick me: ") Try to trick me: How about %s this? >>> j = "User %s just entered: " + k >>> print j % "John" Traceback (

Re: when format strings attack

2007-01-19 Thread Gabriel Genellina
"Nick Maclaren" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > In article <[EMAIL PROTECTED]>, > "Gabriel Genellina" <[EMAIL PROTECTED]> writes: > |> > |> Pure Python programs are not affected, but a review of the C > implementation > |> should be made to see if any (variant of

Re: when format strings attack

2007-01-19 Thread Nick Maclaren
In article <[EMAIL PROTECTED]>, "Gabriel Genellina" <[EMAIL PROTECTED]> writes: |> <[EMAIL PROTECTED]> wrote in message |> news:[EMAIL PROTECTED] |> |> > http://www.ddj.com/184405774;jsessionid=BDDEMUGJOPXUMQSNDLQCKHSCJUNN2JVN |> > |> > I saw a warning from homeland security about this. I

Re: when format strings attack

2007-01-19 Thread Gabriel Genellina
<[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > http://www.ddj.com/184405774;jsessionid=BDDEMUGJOPXUMQSNDLQCKHSCJUNN2JVN > > I saw a warning from homeland security about this. I only comment on > the because I am trying to use os.system('command1 arg') and it doesn't > work b