[Twisted-Python] twistd possible hole
Moshe Zadka
m at moshez.org
Fri Sep 21 08:35:17 MDT 2001
twistd adds the running-directory to the system include path.
I'm not sure I like it, because it must have write access
to the running directory to dump pickles, and having applications
have write permissions there. What's more, in the case where
the running directory is shared between several twistd instances,
it means one twistd instance can corrupt others via messing with
their path. Why was it done? If there is no good reason,
I suggest we drop it.
--
The Official Moshe Zadka FAQ: http://moshez.geek
The Official Moshe Zadka FAQ For Dummies: http://moshez.org
Read the FAQ
More information about the Twisted-Python
mailing list