[sage-trac] Re: [Sage] #13579: Python sys.path security risk

Sat, 12 Jan 2013 10:27:07 -0800 

#13579: Python sys.path security risk
-------------------------------------------------------+--------------------
       Reporter:  vbraun                               |         Owner:  mvngu  
                                
           Type:  defect                               |        Status:  closed 
                                
       Priority:  blocker                              |     Milestone:  
sage-5.4                               
      Component:  doctest                              |    Resolution:  fixed  
                                
       Keywords:                                       |   Work issues:         
                                
Report Upstream:  Reported upstream. No feedback yet.  |     Reviewers:  Volker 
Braun, Jeroen Demeyer, David Roe
        Authors:  Jeroen Demeyer, Volker Braun         |     Merged in:  
sage-5.4.rc2                           
   Dependencies:                                       |      Stopgaps:         
                                
-------------------------------------------------------+--------------------

Comment (by leif):

 Replying to [comment:80 leif]:
 > Replying to [comment:79 jdemeyer]:
 > > As Volker explained, that's a feature, not a bug.
 >
 > Nope, the doctest shouldn't put files there (which isn't safe for
 simultaneous testing anyway).
 {{{
 ...
     Testing ``sage --preparse FILE`` and ``sage -t FILE``.  First create
     a file and preparse it::

         sage: s = '\"\"\"\nThis is a test file.\n\"\"\"\ndef
 my_add(a,b):\n    \"\"\"\n    Add a to b.\n\n        EXAMPLES::\n\n
 sage: my_add(2,2)\n            4\n        \"\"\"\n    return a+b\n'
         sage: script = os.path.join(tmp_dir(), 'my_script.sage')
         sage: script_py = script[:-5] + '.py'
         sage: F = open(script, 'w')
         sage: F.write(s)
         sage: F.close()
         sage: (out, err, ret) = test_executable(["sage", "--preparse",
 script])
         sage: ret
         0
         sage: os.path.isfile(script_py)
         True

     Now test my_script.sage and the preparsed version my_script.py::

         sage: (out, err, ret) = test_executable(["sage", "-t", script])
         sage: ret
         0
         sage: out.find("All tests passed!") >= 0
         True
         sage: (out, err, ret) = test_executable(["sage", "-t", script_py])
         sage: ret
         0
         sage: out.find("All tests passed!") >= 0
         True
 ...
 }}}

 The latter four tests failed.

-- 
Ticket URL: <http://trac.sagemath.org/sage_trac/ticket/13579#comment:81>
Sage <http://www.sagemath.org>
Sage: Creating a Viable Open Source Alternative to Magma, Maple, Mathematica, 
and MATLAB

-- 
You received this message because you are subscribed to the Google Groups 
"sage-trac" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to 
[email protected].
For more options, visit this group at 
http://groups.google.com/group/sage-trac?hl=en.

Reply via email to