[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [oss-security] Potential symlink attack in python3 __pycache__

On Sat, Jul 24, 2021 at 7:34 PM Michael Orlitzky <michael AT orlitzky.com> wrote:

> When subdirectories of DIR1 are writable by anyone other than the
> person running the script, you have a bunch of problems:
>   https://bugs.python.org/issue16202
python3 shell is still vulnerable from modules in the current
directory, but some of them like |sys| and |os| can't be spoofed.