Y
Hacker News
new
|
ask
|
show
|
jobs
by
diskmuncher
1490 days ago
I was wondering how the "io" module was involved when the exploit claimed to not use any import. The answer is "io = open.__self__" [1]. Allowing "open()" would be an oversight if a sandbox intends to block "io".
---
[1]
https://github.com/kn32/python-buffered-reader-exploit/blob/...