On Thu, Oct 11, 2012 at 1:20 PM, Jeroen Demeyer <[email protected]> wrote: > On 2012-10-11 22:14, Robert Bradshaw wrote: >> I don't think things like permissions and >> whether a directory is "safe" should be, in as much as it is possible, >> part of a language spec however. > That's quite true. However, the alternative of completely changing the > spec would break so much that it's not a good idea (or maybe for Python > 4?...). I believe that my patch breaks very little existing code while > still being secure by default. So I think it's the optimal middle ground.
We'll see what the response is. I would still argue the bug is in distutils.util.byte_compile for executing python files in /tmp. - Robert -- You received this message because you are subscribed to the Google Groups "sage-devel" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. Visit this group at http://groups.google.com/group/sage-devel?hl=en.
