[Python-Dev] sudo security hole w/ potential Python connection

skip Tue, 10 Jan 2006 06:45:46 -0800

Got this from a Google alert overnight.  It's not really a Python problem
(it's a sudo problem), but it's probably not a bad idea to understand the
implications.


    >> SUDO Python Environment Cleaning Privilege Escalation ...
    >> Secunia - UK
    >> ... This can be exploited by a user with sudo access to a python script
    >> to gain access to an interactive python prompt via the "PYTHONINSPECT"
    >> environment variable ...
    >> <http://secunia.com/advisories/18358/>

Skip
_______________________________________________
Python-Dev mailing list
[email protected]
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

[Python-Dev] sudo security hole w/ potential Python connection

Reply via email to