Python and CGI security
Neil Schemenauer
nascheme at enme.ucalgary.ca
Mon May 8 03:54:10 EDT 2000
Stefan Schwarzer <s.schwarzer at ndh.net> wrote:
>Beside the usual rules mentioned in the documentation of the cgi
>module, are there more "automatic" security checks available in
>Python (e. g. similar to Perl's -T switch)?
Python does not have tainted data tracking like Perl. You might
be able to use ideas from the rexec module to provide a
restricted environment for your code to run in though.
Writing bug free code is one of the best possible ways to prevent
security problems. Since Python raises exceptions on errors you
are in a much better position than with many other languages.
Neil
--
Security problems and bugs go hand in hand.
More information about the Python-list
mailing list