summaryrefslogtreecommitdiffstats
path: root/Lib
diff options
context:
space:
mode:
authorGuido van Rossum <guido@python.org>1995-01-17 15:58:37 (GMT)
committerGuido van Rossum <guido@python.org>1995-01-17 15:58:37 (GMT)
commit8e8a525f229ef6a9e1b881e9b71eda72dabd5007 (patch)
tree9d10b9167a58aa8c122176db1d350d5d22500777 /Lib
parent5c83252be4d0418ecc539bc854f258866954e1d2 (diff)
downloadcpython-8e8a525f229ef6a9e1b881e9b71eda72dabd5007.zip
cpython-8e8a525f229ef6a9e1b881e9b71eda72dabd5007.tar.gz
cpython-8e8a525f229ef6a9e1b881e9b71eda72dabd5007.tar.bz2
evolution
Diffstat (limited to 'Lib')
-rw-r--r--Lib/rexec.py20
1 files changed, 4 insertions, 16 deletions
diff --git a/Lib/rexec.py b/Lib/rexec.py
index 0e6ba20..cc908a3 100644
--- a/Lib/rexec.py
+++ b/Lib/rexec.py
@@ -25,7 +25,6 @@ def copymodule(src, dst, exceptions = [], only = None):
safe_path = ['/ufs/guido/lib/python']
safe_modules = ['array', 'math', 'regex', 'strop', 'time']
unsafe_builtin_names = ['open', 'reload', '__import__',
- 'eval', 'execfile', 'dir', 'vars',
'raw_input', 'input']
safe_posix_names = ['error', 'fstat', 'listdir', 'lstat', 'readlink', 'stat',
'times', 'uname', 'getpid', 'getppid', 'getcwd',
@@ -87,24 +86,13 @@ def safe_open(file, mode = 'r'):
raise TypeError, 'open argument(s) must be string(s)'
if mode not in ('r', 'rb'):
raise IOError, 'open for writing not allowed'
- if '/' in file:
- raise IOError, 'open pathname not allowed'
+ file = os.path.join(os.getcwd(), file)
+ file = os.path.normpath(file)
+ if file[:2] == '//' or file[:5] == '/etc/' or file[:4] == '/../':
+ raise IOError, 'this path not allowed for reading'
return open(file, mode)
safe_builtin.open = safe_open
-def safe_dir(object = safe_main):
- keys = object.__dict__.keys()
- keys.sort()
- return keys
-safe_builtin.dir = safe_dir
-
-def safe_vars(object = safe_main):
- keys = safe_dir(object)
- dict = {}
- copydict(object.__dict__, dict, None, keys)
- return dict
-safe_builtin.vars = safe_vars
-
def exterior():
"""Return env of caller's caller, as triple: (name, locals, globals).