On Thu, 20 Aug 2009 08:16:51 -0700, Emanuele D'Arrigo wrote: > In what ways would the untrusted string be able to obtain the original, > built-in open function and open a file for writing? On a related topic, you should read this post here: http://tav.espians.com/a-challenge-to-break-python-security.html -- Steven