Fredrik Lundh <[EMAIL PROTECTED]> wrote:
>Sion Arrowsmith wrote:
>> I'm probably not thinking deviously enough here, but how are you
>> going to exploit an eval() which has very tightly controlled
>> globals and locals (eg. eval(x, {"__builtins__": None}, {}) ?
>try this:
>
> eval("'*'*1000000*2*2*2*2*2*2*2*2*2")
No thanks.
I guess my problem is a tendency view security issues from the
point of view of access to data rather than access to processing.
--
\S -- [EMAIL PROTECTED] -- http://www.chaos.org.uk/~sion/
___ | "Frankly I have no feelings towards penguins one way or the other"
\X/ | -- Arthur C. Clarke
her nu become� se bera eadward ofdun hl�ddre heafdes b�ce bump bump bump
--
http://mail.python.org/mailman/listinfo/python-list
