Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #27242
| Path | csiph.com!usenet.pasdenom.info!gegeweb.org!de-l.enfer-du-nord.net!feeder1.enfer-du-nord.net!feeds.phibee-telecom.net!newsfeed.xs4all.nl!newsfeed5.news.xs4all.nl!xs4all!post.news.xs4all.nl!not-for-mail |
|---|---|
| Return-Path | <rosuav@gmail.com> |
| X-Original-To | python-list@python.org |
| Delivered-To | python-list@mail.python.org |
| X-Spam-Status | OK 0.003 |
| X-Spam-Evidence | '*H*': 0.99; '*S*': 0.00; 'anyway.': 0.04; 'importing': 0.04; 'debugging': 0.05; 'debugging.': 0.07; 'python': 0.09; 'bindings': 0.09; 'imports': 0.09; 'meaningful': 0.09; 'aug': 0.13; 'language': 0.14; '"it\'s': 0.16; 'bindings,': 0.16; 'eval': 0.16; 'from:addr:rosuav': 0.16; 'from:name:chris angelico': 0.16; 'ssh': 0.16; 'wrote:': 0.17; 'equivalent': 0.20; 'putting': 0.20; 'sort': 0.21; 'import': 0.21; 'received:209.85.214.174': 0.21; 'tried': 0.25; 'header:In-Reply- To:1': 0.25; 'possible,': 0.27; 'message-id:@mail.gmail.com': 0.27; 'fri,': 0.30; '(and': 0.32; 'could': 0.32; 'right?': 0.33; 'to:addr:python-list': 0.33; 'that,': 0.34; 'received:google.com': 0.34; 'eric': 0.35; 'open': 0.35; 'pm,': 0.35; 'received:209.85': 0.35; 'there': 0.35; 'really': 0.36; 'ability': 0.36; 'created': 0.36; 'but': 0.36; "wasn't": 0.36; 'anything': 0.36; 'should': 0.36; 'received:209': 0.37; 'subject:: ': 0.38; 'to:addr:python.org': 0.39; 'received:209.85.214': 0.39; 'header:Received:5': 0.40; 'your': 0.60; 'safe': 0.63; 'worth': 0.63; 'within': 0.64; 'power': 0.74; 'console,': 0.84; 'subject:read': 0.84; 'whatsoever.': 0.84; 'secured': 0.91 |
| DKIM-Signature | v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=WV75K7edQfpJZKVjEqwFu6MHQ9z1lcYYxFnQYsz7LO4=; b=xoybtfow9Ma8kt4DOOjWaO5f00ARv1osTWYmSUfdIANpFcp+nnpS4cc2Ta2wEwRYWG CAOdTiGeRO/ChIWq6UraWO1WNiTCSxixtsmHm/IU2rG+Is6l+XiM8X59zrip47ovsIB6 L5Jg1dwB/xiEohD9W3WDu1r48WW0BJno3bSiTdivHH9Y76zieH6CCbkQf4qxc8c8XiBK voWE8flIu2yQuxHNPHkQudkA/fzj6s+bw61LbDu9SkEOK88qFkcLlP2WKZOhh5lQxRv9 GnQdDFmQtjhBtfL6L62PoHTd/eZyl6obmfyK0ZQfn6M9FmFV8A2kWzuwbQLya+VygxsP 3bnA== |
| MIME-Version | 1.0 |
| In-Reply-To | <CAAoZyYMGkmfWgYdFcZZ3n-kZ3pevB0KJkEXY4FJQy3460OTsVw@mail.gmail.com> |
| References | <CAAoZyYMEraa_OTyxui484-bdx96Jvd9LTmbb5Qw2EfQXd_wkfQ@mail.gmail.com> <mailman.3400.1345157033.4697.python-list@python.org> <502dac1e$0$29978$c3e8da3$5496439d@news.astraweb.com> <mailman.3409.1345188334.4697.python-list@python.org> <9b7aa68b-3103-42b4-b2d5-41a577ef388f@j2g2000pbg.googlegroups.com> <CAAoZyYMGkmfWgYdFcZZ3n-kZ3pevB0KJkEXY4FJQy3460OTsVw@mail.gmail.com> |
| Date | Sat, 18 Aug 2012 00:06:14 +1000 |
| Subject | Re: remote read eval print loop |
| From | Chris Angelico <rosuav@gmail.com> |
| To | python-list@python.org |
| Content-Type | text/plain; charset=ISO-8859-1 |
| X-BeenThere | python-list@python.org |
| X-Mailman-Version | 2.1.12 |
| Precedence | list |
| List-Id | General discussion list for the Python programming language <python-list.python.org> |
| List-Unsubscribe | <http://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe> |
| List-Archive | <http://mail.python.org/pipermail/python-list> |
| List-Post | <mailto:python-list@python.org> |
| List-Help | <mailto:python-list-request@python.org?subject=help> |
| List-Subscribe | <http://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe> |
| Newsgroups | comp.lang.python |
| Message-ID | <mailman.3416.1345212377.4697.python-list@python.org> (permalink) |
| Lines | 20 |
| NNTP-Posting-Host | 2001:888:2000:d::a6 |
| X-Trace | 1345212377 news.xs4all.nl 6873 [2001:888:2000:d::a6]:38358 |
| X-Complaints-To | abuse@xs4all.nl |
| Xref | csiph.com comp.lang.python:27242 |
Show key headers only | View raw
On Fri, Aug 17, 2012 at 11:28 PM, Eric Frederich <eric.frederich@gmail.com> wrote: > Within the debugging console, after importing all of the bindings, there > would be no reason to import anything whatsoever. > With just the bindings I created and the Python language we could do > meaningful debugging. > So if I block the ability to do any imports and calls to eval I should be > safe right? Nope. Python isn't a secured language in that way. I tried the same sort of thing a while back, but found it effectively impossible. (And this after people told me "It's not possible, don't bother trying". I tried anyway. It wasn't possible.) If you really want to do that, consider it equivalent to putting an open SSH session into your debugging console. Would you give that much power to your application's users? And if you would, is it worth reinventing SSH? ChrisA
Back to comp.lang.python | Previous | Next — Previous in thread | Find similar | Unroll thread
Re: remote read eval print loop Chris Angelico <rosuav@gmail.com> - 2012-08-17 08:43 +1000
Re: remote read eval print loop Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2012-08-17 02:27 +0000
Re: remote read eval print loop Alister <alister.ware@ntlworld.com> - 2012-08-17 06:38 +0000
Re: remote read eval print loop Chris Angelico <rosuav@gmail.com> - 2012-08-17 17:25 +1000
Re: remote read eval print loop rusi <rustompmody@gmail.com> - 2012-08-17 04:09 -0700
Re: remote read eval print loop Chris Angelico <rosuav@gmail.com> - 2012-08-18 00:06 +1000
csiph-web