[prev in list] [next in list] [prev in thread] [next in thread]
List: mailman-developers
Subject: Re: [Mailman-Developers] [Mailman-Users] Low level bug: (solved)
From: Barry Warsaw <barry () python ! org>
Date: 2005-07-29 2:59:05
Message-ID: 1122605945.9666.21.camel () geddy ! wooz ! org
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
On Thu, 2005-07-28 at 11:52, Mark Sapiro wrote:
> The real issue here seems to be that the import from mm_cfg done in the
> driver script is inadequately protected. The driver script
> print_traceback definition contains
>
> try:
> from Mailman.mm_cfg import VERSION
> except ImportError:
> VERSION = '<undetermined>'
>
> This is fine if there is an ImportError exception, but since mm_cfg.py
> is edited by users, it is possible (likely) that there will be a
> SyntaxError error exception here, and something more meaningful than
> the "Mailman experienced a very low level failure and could not even
> generate a useful traceback for you." message could be reported.
Bare excepts are evil, but maybe it's warranted in this situation. All
we really care about is the VERSION variable you're right that users can
easily put all manner of nastiness in there.
-Barry
["signature.asc" (application/pgp-signature)]
_______________________________________________
Mailman-Developers mailing list
Mailman-Developers@python.org
http://mail.python.org/mailman/listinfo/mailman-developers
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/mailman-developers%40progressive-comp.com
Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic