Le samedi 28 janvier 2006 à 13:35 +0900, Junichi Uekawa a écrit : > http://lists.debian.org/debian-security/2006/01/msg00010.html > > I think the conclusion about LD_PATH was > python includes the 'current directory of the executed binary' > ruby includes the 'current directory', thus unsafe. That's right. Any python script that may be put in an unsafe directory should first call: import sys sys.path.remove('') -- .''`. Josselin Mouette /\./\ : :' : josselin.mouette@ens-lyon.org `. `' joss@debian.org `- Debian GNU/Linux -- The power of freedom
Attachment:
signature.asc
Description: Ceci est une partie de message =?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=