Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #93085

Re: Pure Python Data Mangling or Encrypting

From Grant Edwards <invalid@invalid.invalid>
Newsgroups comp.lang.python
Subject Re: Pure Python Data Mangling or Encrypting
Date 2015-06-24 16:16 +0000
Organization PANIX Public Access Internet and UNIX, NYC
Message-ID <mmel55$ojb$1@reader1.panix.com> (permalink)
References <mailman.10.1435130890.3674.python-list@python.org> <558a9649$0$1675$c3e8da3$5496439d@news.astraweb.com> <mmed90$nho$1@reader1.panix.com> <mailman.18.1435161161.3674.python-list@python.org>

Show all headers | View raw

On 2015-06-24, Emile van Sebille <emile@fenx.com> wrote:
> On 6/24/2015 7:02 AM, Grant Edwards wrote:
>> And how does writing unmangled data to disk expose anybody to
>> anything?  I've never heard of an exploit where writing an evilly
>> crafted bit-pattern to disk causes a any sort of problem.
>
> Unless that code is executed at boot.

Don't write it somewhere where that might happen.  [Of course you
don't let a remote user determine where the untrusted data gets
written -- that would be completely beyond the pale.] Or does Windows
pick files at random from the disk and execute them?

> Mangling would at least prevent it from executing.

If you don't want a file to be executed, then don't make it
executable.  Or doesn't Windows have any way to control whether a file
is executable or not?

-- 
Grant Edwards               grant.b.edwards        Yow! You were s'posed
                                  at               to laugh!
                              gmail.com

Back to comp.lang.python | Previous | NextPrevious in thread | Next in thread | Find similar | Unroll thread

Thread

Pure Python Data Mangling or Encrypting Randall Smith <randall@tnr.cc> - 2015-06-23 14:02 -0500
  Re: Pure Python Data Mangling or Encrypting Steven D'Aprano <steve@pearwood.info> - 2015-06-24 21:36 +1000
    Re: Pure Python Data Mangling or Encrypting Grant Edwards <invalid@invalid.invalid> - 2015-06-24 14:02 +0000
      Re: Pure Python Data Mangling or Encrypting Emile van Sebille <emile@fenx.com> - 2015-06-24 08:52 -0700
        Re: Pure Python Data Mangling or Encrypting Grant Edwards <invalid@invalid.invalid> - 2015-06-24 16:16 +0000
          Re: Pure Python Data Mangling or Encrypting Chris Angelico <rosuav@gmail.com> - 2015-06-25 02:23 +1000
            Re: Pure Python Data Mangling or Encrypting Grant Edwards <invalid@invalid.invalid> - 2015-06-24 18:23 +0000
          Re: Pure Python Data Mangling or Encrypting Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2015-06-24 21:24 -0400
      Re: Pure Python Data Mangling or Encrypting Chris Angelico <rosuav@gmail.com> - 2015-06-25 01:55 +1000
      Re: Pure Python Data Mangling or Encrypting Emile van Sebille <emile@fenx.com> - 2015-06-24 09:09 -0700
    Re: Pure Python Data Mangling or Encrypting Randall Smith <randall@tnr.cc> - 2015-06-24 13:20 -0500
      Re: Pure Python Data Mangling or Encrypting Grant Edwards <invalid@invalid.invalid> - 2015-06-24 18:29 +0000
        Re: Pure Python Data Mangling or Encrypting Randall Smith <randall@tnr.cc> - 2015-06-24 14:00 -0500
          Re: Pure Python Data Mangling or Encrypting Grant Edwards <invalid@invalid.invalid> - 2015-06-24 21:24 +0000
            Re: Pure Python Data Mangling or Encrypting Randall Smith <randall@tnr.cc> - 2015-06-24 18:13 -0500
    Re: Pure Python Data Mangling or Encrypting Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2015-06-24 21:33 -0400
    Re: Pure Python Data Mangling or Encrypting Randall Smith <randall@tnr.cc> - 2015-06-25 14:41 -0500

csiph-web