Secure scripts variables
Paul Rubin
http
Wed Mar 30 03:04:06 EST 2005
Florian Lindner <Florian.Lindner at xgm.de> writes:
> I have a script which is readable and executable by a user, but not
> writable.
> The users executes the scripts, it reads in a value and based on this value
> it computes a result and stores it in a variable.
> Can the user read out the value of this variable? If yes, can he be
> prevented to do so?
I don't really understand the question. The user could, for example,
run the Python interpreter under a debugger, and examine its internal
state step by step during execution.
What you really want is a setuid script. That can do what you want,
but you have to write them very carefully.
More information about the Python-list
mailing list