티스토리 뷰

분류없음

Python trivia

진모씨 2015.12.17 03:43

It's feature.


user@ubuntu:/tmp$ PYTHONINSPECT=1 aa

The program 'aa' is currently not installed.  To run 'aa' please ask your administrator to install the package 'astronomical-almanac'

Traceback (most recent call last):

  File "/usr/lib/command-not-found", line 94, in <module>

    crash_guard(main, BUG_REPORT_URL, __version__)

  File "/usr/lib/python2.7/dist-packages/CommandNotFound/util.py", line 40, in crash_guard

    sys.exit(127)

SystemExit: 127

>>>



NO SUID, NO SGID, so garbage for now.


Maybe.. I can use it for.. umm.. um... I don't know. It can be used for 'backdoor-finding' challenges, like:

If someone executes python itself in suid binary without dropping privileges, only in reason that it's signed, or verified, readonly, yeah.

But PYTHONINSPECT=1 and some interpreter variable is one thing we should keep in mind.

For other languages, too..

저작자 표시
신고
댓글
댓글쓰기 폼
공지사항
Total
59,423
Today
0
Yesterday
16
링크
«   2017/11   »
      1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29 30    
글 보관함