Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #41107

Re: Running external module and accessing the created objects

Date 2013-03-11 22:05 -0600
From Michael Torrie <torriem@gmail.com>
Subject Re: Running external module and accessing the created objects
References <mailman.3110.1362798411.2939.python-list@python.org> <513aecd3$0$6512$c3e8da3$5496439d@news.astraweb.com> <khlr16$lr0$1@ger.gmane.org> <513E7B6B.5070608@davea.name>
Newsgroups comp.lang.python
Message-ID <mailman.3218.1363061123.2939.python-list@python.org> (permalink)

Show all headers | View raw

On 03/11/2013 06:48 PM, Dave Angel wrote:
> I hope you're just kidding.  execfile() and exec() are two of the most 
> dangerous mechanisms around.  import or __import__() would be much 
> better, as long as your user hasn't already run myapp.py as his script.

It's not possible to setuid a python script, so I don't see how execfile
or exec is any more dangerous than the user creating a shell script that
rm -rf * things, and then running it.

Bash "exec's" scripts all the time that users create and provide.  How
is this different and what issues did you have in mind, exactly?

Back to comp.lang.python | Previous | NextPrevious in thread | Next in thread | Find similar | Unroll thread

Thread

Running external module and accessing the created objects  Kene Meniru <Kene.Meniru@illom.org> - 2013-03-08 22:06 -0500
  Re: Running external module and accessing the created objects Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2013-03-09 08:03 +0000
    Re: Running external module and accessing the created objects Kene Meniru <Kene.Meniru@illom.org> - 2013-03-09 06:05 -0500
      Re: Running external module and accessing the created objects Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2013-03-09 11:34 +0000
    Re: Running external module and accessing the created objects Chris Angelico <rosuav@gmail.com> - 2013-03-09 22:47 +1100
    Re: Running external module and accessing the created objects Dave Angel <davea@davea.name> - 2013-03-09 07:02 -0500
    Re: Running external module and accessing the created objects Kene Meniru <Kene.Meniru@illom.org> - 2013-03-09 10:34 -0500
      Re: Running external module and accessing the created objects Rick Johnson <rantingrickjohnson@gmail.com> - 2013-03-09 08:51 -0800
        Re: Running external module and accessing the created objects Kene Meniru <Kene.Meniru@illom.org> - 2013-03-09 12:21 -0500
          Re: Running external module and accessing the created objects Rick Johnson <rantingrickjohnson@gmail.com> - 2013-03-09 10:33 -0800
    Re: Running external module and accessing the created objects Dave Angel <davea@davea.name> - 2013-03-09 11:12 -0500
    Re: Running external module and accessing the created objects Kene Meniru <Kene.Meniru@illom.org> - 2013-03-09 11:56 -0500
    Re: Running external module and accessing the created objects Dave Angel <davea@davea.name> - 2013-03-09 12:20 -0500
    Re: Running external module and accessing the created objects Kene Meniru <Kene.Meniru@illom.org> - 2013-03-09 12:39 -0500
    Re: Running external module and accessing the created objects Kene Meniru <Kene.Meniru@illom.org> - 2013-03-09 13:18 -0500
    Re: Running external module and accessing the created objects Kene Meniru <Kene.Meniru@illom.org> - 2013-03-11 19:57 -0400
      Re: Running external module and accessing the created objects Rick Johnson <rantingrickjohnson@gmail.com> - 2013-03-11 23:40 -0700
    Re: Running external module and accessing the created objects Dave Angel <davea@davea.name> - 2013-03-11 20:48 -0400
    Re: Running external module and accessing the created objects Kene Meniru <Kene.Meniru@illom.org> - 2013-03-11 21:23 -0400
    Re: Running external module and accessing the created objects Kene Meniru <Kene.Meniru@illom.org> - 2013-03-11 21:58 -0400
    Re: Running external module and accessing the created objects Dave Angel <davea@davea.name> - 2013-03-11 22:16 -0400
    Re: Running external module and accessing the created objects Dave Angel <davea@davea.name> - 2013-03-11 22:11 -0400
    Re: Running external module and accessing the created objects Michael Torrie <torriem@gmail.com> - 2013-03-11 22:05 -0600
    Re: Running external module and accessing the created objects Dave Angel <davea@davea.name> - 2013-03-12 07:20 -0400
    Re: Running external module and accessing the created objects Kene Meniru <kemeniru@gmail.com> - 2013-03-12 13:38 +0000
    Re: Running external module and accessing the created objects Kene Meniru <kemeniru@gmail.com> - 2013-03-12 13:28 +0000

csiph-web