Path: csiph.com!usenet.pasdenom.info!dedibox.gegeweb.org!gegeweb.eu!nntpfeed.proxad.net!proxad.net!feeder1-2.proxad.net!usenet-fr.net!nerim.net!novso.com!news2.euro.net!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail Return-Path: X-Original-To: python-list@python.org Delivered-To: python-list@mail.python.org X-Spam-Status: OK 0.075 X-Spam-Evidence: '*H*': 0.85; '*S*': 0.00; 'scripts': 0.09; 'subject:error': 0.11; 'subject:python': 0.11; 'charset:iso-8859-7': 0.15; 'advice,': 0.16; 'hacked': 0.16; 'subject:when': 0.16; 'validation.': 0.16; 'wrote:': 0.17; 'hack': 0.18; 'somebody': 0.23; 'seems': 0.23; 'header:In-Reply-To:1': 0.25; 'wonder': 0.27; 'message-id:@mail.gmail.com': 0.27; 'cgi': 0.29; 'source': 0.29; 'fri,': 0.30; 'to:addr:python-list': 0.33; 'received:google.com': 0.34; 'pm,': 0.35; 'received:74.125': 0.36; 'thank': 0.36; 'possible': 0.37; 'subject:: ': 0.38; 'some': 0.38; 'to:addr:python.org': 0.39; 'your': 0.60; 'easy': 0.60; 'free': 0.61; 'more': 0.63; '2013': 0.84; 'again!': 0.84; 'hard.': 0.84; 'imagination': 0.84; 'to:name:python': 0.84 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=x-received:mime-version:in-reply-to:references:from:date:message-id :subject:to:content-type:content-transfer-encoding; bh=0/yZ5tYhSs62MxKuRUd0/Bw2Pa4MGtCZTlCq1b+LjZU=; b=Boynu2stjfGZDQlUA5ymx+lMP7iPA7OeySALspWiLQGybmlJbb4zZIVIcPOAPAM43g 5KyAf4S1eAD0hdX4d2RRpzxn17/QFNmO5d8dVQ/J0vfn4cCW81q+DVJF95a+fUFMmICN n1nEBFhxt2svdFejmLGkCcXK8K3YiD8a+QXq3H8iJbFn9AGkr1yr3CGweF4yPABkaLMp Oo/zlHNOkD+I8twlwdZIVuGQlrDTX2UXH0wZ+U2ZVGgwtX1Rhq87YMIswdGtvYs2ToAD J+Y97qSQI1wsvcFBNjgf+IXtkczBeCrClFcNU4NLlmhh0gWKL9qHp6qZF7wzsCvv1sjC ghYw== X-Received: by 10.15.23.193 with SMTP id h41mr10955406eeu.17.1362788856795; Fri, 08 Mar 2013 16:27:36 -0800 (PST) MIME-Version: 1.0 In-Reply-To: <85b5c606-a1c7-480b-a900-622f61751b87@googlegroups.com> References: <8e17232e-5b24-4040-9215-c4bd89f34fa2@googlegroups.com> <622d4a2d-0014-4254-b211-c8fd66510f74@googlegroups.com> <33f153b4-4f54-429a-a92d-387b679bf758@googlegroups.com> <20130307105137.a6cae268f7f074fbf5017b1d@lavabit.com> <0074be2d-1f52-4626-bf53-fd9591f16bf7@googlegroups.com> <98cd9065-94b0-4fb6-b2fd-6ed96880242d@googlegroups.com> <513a33d7$0$30001$c3e8da3$5496439d@news.astraweb.com> <1a79c210-3c50-43bb-8a78-5d5ef60922ec@googlegroups.com> <85b5c606-a1c7-480b-a900-622f61751b87@googlegroups.com> From: Ian Kelly Date: Fri, 8 Mar 2013 17:26:56 -0700 Subject: Re: An error when i switched from python v2.6.6 => v3.2.3 To: Python Content-Type: text/plain; charset=ISO-8859-7 Content-Transfer-Encoding: quoted-printable X-BeenThere: python-list@python.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: General discussion list for the Python programming language List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Newsgroups: comp.lang.python Message-ID: Lines: 16 NNTP-Posting-Host: 2001:888:2000:d::a6 X-Trace: 1362788858 news.xs4all.nl 6871 [2001:888:2000:d::a6]:38083 X-Complaints-To: abuse@xs4all.nl Xref: csiph.com comp.lang.python:40912 On Fri, Mar 8, 2013 at 1:31 PM, =CD=DF=EA=EF=F2 =C3=EA=F133=EA wrote: > Thank you very much for pointing my flaws once again! > > I cant beleive how easy you hacked the webserver again and be able to rea= d my cgi scripts source and write to cgi-bin too! > > I have added extra security by following some of your advice, i wonder if= youc an hack it again! > > Fell free to try if i'am not tiring you please! That seems to be better, although I want to stress that I did not try very hard. It's possible that somebody with more patience and imagination than myself might still find a way to fool your validation.