Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #15969
| From | Hrvoje Niksic <hniksic@xemacs.org> |
|---|---|
| Newsgroups | comp.lang.python |
| Subject | Re: Server Questions (2 of them) |
| Date | 2011-11-20 22:44 +0100 |
| Organization | B.net Hrvatska d.o.o. |
| Message-ID | <8762iesc3q.fsf@xemacs.org> (permalink) |
| References | <4c5cedc5-65e4-4bca-a7fe-7afffde79c88@s6g2000vbc.googlegroups.com> |
Andrew <andrew.chapkowski@gmail.com> writes:
> How to do you create a server that accepts a set of user code?
[...]
Look up the "exec" statement, the server can use it to execute any code
received from the client as a string.
Note "any code", though; exec runs in no sandbox and if a malicious
client defines addition(1, 2) to execute os.system('sudo rm -rf /'), the
server will happily do just that.
Back to comp.lang.python | Previous | Next — Previous in thread | Next in thread | Find similar | Unroll thread
Server Questions (2 of them) Andrew <andrew.chapkowski@gmail.com> - 2011-11-20 12:02 -0800
Re: Server Questions (2 of them) Chris Angelico <rosuav@gmail.com> - 2011-11-21 08:34 +1100
Re: Server Questions (2 of them) Hrvoje Niksic <hniksic@xemacs.org> - 2011-11-20 22:44 +0100
Re: Server Questions (2 of them) Christian Heimes <lists@cheimes.de> - 2011-11-21 01:27 +0100
Re: Server Questions (2 of them) alex23 <wuwei23@gmail.com> - 2011-11-20 20:26 -0800
Re: Server Questions (2 of them) Nizamov Shawkat <nizamov.shawkat@gmail.com> - 2011-11-21 07:28 +0100
csiph-web