Stumbled across an interesting Python security issue today. Certain uses of Pyth...

1 year ago

source link: https://twitter.com/marekgibney/status/1598706464583028736
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

Conversation

Stumbled across an interesting Python security issue today. Certain uses of Python are insecure in the presence of 3rd party files. For example, reading the docs via "python -m pydoc".

If you do that while in a repo you cloned, it lets code in the repo take over your machine.

886 views

3:51 PM · Dec 2, 2022

Recommend

Gartner analysts reveal 8 cybersecurity predictions for 2023
Meta Avatars 即将推出第三方虚拟化身腿部显示
The Financial Times has been printing an obvious error on its “Market Data” page...
volatile 有个疑惑
广告人现状：去年找合作，今年找工作
Twitter Is Rolling Out Recommended Tweets To Everyone
Secure Kubernetes With Kubescape
How To Connect Any Audio Device To Your Xbox Series X
GitHub - joshuacc/strung.ahk: A utility library for working with strings in Auto...
Twitstorm timeline: The latest on Elon Musk's Twitter 2.0

About Joyk

Aggregate valuable and interesting links.
Joyk means Joy of geeK