Serious privacy leak in Python for Windows
Martin von Loewis
loewis at informatik.hu-berlin.de
Wed Jan 16 04:18:08 EST 2002
"Richard M. Smith" <rms at computerbytesman.com> writes:
> This particular example opens the file c:\autoexec.bat and writes the
> file contents to the Web page. The program could easily be changed to
> send the contents of the file back to a Web site by using an HTML form,
> a Web bug, or the Microsoft XML HTTP ActiveX control.
Can you please demonstrate how you would do this? In restricted mode,
many of the Python modules (e.g. including the socket module) are not
available.
Regards,
Martin
More information about the Python-list
mailing list