localeval: comment on security issues

Minor syntax fixes.

Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
Nicolas Sebrecht 2014-12-23 10:12:23 +01:00
parent e613f6992d
commit 4589cfeff2


@ -1,7 +1,6 @@
"""Eval python code with global namespace of a python source file.""" """Eval python code with global namespace of a python source file."""
# Copyright (C) 2002 John Goerzen # Copyright (C) 2002-2014 John Goerzen & contributors
# <jgoerzen@complete.org>
# #
# This program is free software; you can redistribute it and/or modify # This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by # it under the terms of the GNU General Public License as published by
@ -24,10 +23,16 @@ except:
pass pass
class LocalEval: class LocalEval:
"""Here is a powerfull but very dangerous option, of course.
Assume source file to be ASCII encoded."""
def __init__(self, path=None): def __init__(self, path=None):
self.namespace = {} self.namespace = {}
if path is not None: if path is not None:
# FIXME: limit opening files owned by current user with rights set
# to fixed mode 644.
file = open(path, 'r') file = open(path, 'r')
module = imp.load_module( module = imp.load_module(
'<none>', '<none>',