#13579: test_executable security risk
---------------------------------------------------------------+------------
Reporter: vbraun | Owner:
mvngu
Type: defect | Status:
needs_review
Priority: blocker | Milestone:
sage-5.4
Component: doctest | Resolution:
Keywords: | Work issues:
Report Upstream: Not yet reported upstream; Will do shortly. | Reviewers:
Volker Braun, Jeroen Demeyer
Authors: Jeroen Demeyer, Volker Braun | Merged in:
Dependencies: | Stopgaps:
---------------------------------------------------------------+------------
Comment (by jason):
I was suggesting that for running tests, we could modify import.
A separate suggestion is to modify import always, and insist that the user
use relative imports when they really want to import something in the
current directory. That definitely breaks python behavior, but it is more
explicit and secure.
--
Ticket URL: <http://trac.sagemath.org/sage_trac/ticket/13579#comment:32>
Sage <http://www.sagemath.org>
Sage: Creating a Viable Open Source Alternative to Magma, Maple, Mathematica,
and MATLAB
--
You received this message because you are subscribed to the Google Groups
"sage-trac" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/sage-trac?hl=en.
