From: D'Arcy Cain
To: Alister
Cc: python-list@python.org
Subject: Re: avoid the redefinition of a function
Date: Wed, 12 Sep 2012 17:49:24 -0400
Newsgroups: comp.lang.python

On Wed, 12 Sep 2012 18:04:51 GMT
Alister wrote:
> No No NO!
> you can't just pass user input to system calls without validating it first
> (google sql injection for examples of the damage unsanitised input can
> cause, it is not just an SQL problem)

http://xkcd.com/327/

-- 
D'Arcy J.M. Cain                         |  Democracy is three wolves
http://www.druid.net/darcy/              |  and a sheep voting on
+1 416 425 1212 (DoD#0082) (eNTP)        |  what's for dinner.
IM: darcy@Vex.Net