summaryrefslogtreecommitdiffstats
path: root/Objects/fileobject.c
diff options
context:
space:
mode:
authorTim Peters <tim.peters@gmail.com>2001-09-13 21:01:29 (GMT)
committerTim Peters <tim.peters@gmail.com>2001-09-13 21:01:29 (GMT)
commit8fa45677c1833cc0d4ddaa57417c01ee8297eba8 (patch)
treee33c30313a1f60475f2e7b1e5db33901398398ab /Objects/fileobject.c
parent561f899d198c74516f0911a415f2914af3890576 (diff)
downloadcpython-8fa45677c1833cc0d4ddaa57417c01ee8297eba8.zip
cpython-8fa45677c1833cc0d4ddaa57417c01ee8297eba8.tar.gz
cpython-8fa45677c1833cc0d4ddaa57417c01ee8297eba8.tar.bz2
Now that file objects are subclassable, you can get at the file constructor
just by doing type(f) where f is any file object. This left a hole in restricted execution mode that rexec.py can't plug by itself (although it can plug part of it; the rest is plugged in fileobject.c now).
Diffstat (limited to 'Objects/fileobject.c')
-rw-r--r--Objects/fileobject.c8
1 files changed, 8 insertions, 0 deletions
diff --git a/Objects/fileobject.c b/Objects/fileobject.c
index 3cadff5..b373024 100644
--- a/Objects/fileobject.c
+++ b/Objects/fileobject.c
@@ -92,6 +92,14 @@ open_the_file(PyFileObject *f, char *name, char *mode)
assert(name != NULL);
assert(mode != NULL);
+ /* rexec.py can't stop a user from getting the file() constructor --
+ all they have to do is get *any* file object f, and then do
+ type(f). Here we prevent them from doing damage with it. */
+ if (PyEval_GetRestricted()) {
+ PyErr_SetString(PyExc_IOError,
+ "file() constructor not accessible in restricted mode");
+ return NULL;
+ }
#ifdef HAVE_FOPENRF
if (*mode == '*') {
FILE *fopenRF();