diff options
author | Tim Peters <tim.peters@gmail.com> | 2001-09-13 21:01:29 (GMT) |
---|---|---|
committer | Tim Peters <tim.peters@gmail.com> | 2001-09-13 21:01:29 (GMT) |
commit | 8fa45677c1833cc0d4ddaa57417c01ee8297eba8 (patch) | |
tree | e33c30313a1f60475f2e7b1e5db33901398398ab /Objects/fileobject.c | |
parent | 561f899d198c74516f0911a415f2914af3890576 (diff) | |
download | cpython-8fa45677c1833cc0d4ddaa57417c01ee8297eba8.zip cpython-8fa45677c1833cc0d4ddaa57417c01ee8297eba8.tar.gz cpython-8fa45677c1833cc0d4ddaa57417c01ee8297eba8.tar.bz2 |
Now that file objects are subclassable, you can get at the file constructor
just by doing type(f) where f is any file object. This left a hole in
restricted execution mode that rexec.py can't plug by itself (although it
can plug part of it; the rest is plugged in fileobject.c now).
Diffstat (limited to 'Objects/fileobject.c')
-rw-r--r-- | Objects/fileobject.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/Objects/fileobject.c b/Objects/fileobject.c index 3cadff5..b373024 100644 --- a/Objects/fileobject.c +++ b/Objects/fileobject.c @@ -92,6 +92,14 @@ open_the_file(PyFileObject *f, char *name, char *mode) assert(name != NULL); assert(mode != NULL); + /* rexec.py can't stop a user from getting the file() constructor -- + all they have to do is get *any* file object f, and then do + type(f). Here we prevent them from doing damage with it. */ + if (PyEval_GetRestricted()) { + PyErr_SetString(PyExc_IOError, + "file() constructor not accessible in restricted mode"); + return NULL; + } #ifdef HAVE_FOPENRF if (*mode == '*') { FILE *fopenRF(); |