티스토리 뷰

분류없음

Python trivia

진모씨 2015.12.17 03:43
크리에이티브 커먼즈 라이선스
Creative Commons License

It's feature.


user@ubuntu:/tmp$ PYTHONINSPECT=1 aa

The program 'aa' is currently not installed.  To run 'aa' please ask your administrator to install the package 'astronomical-almanac'

Traceback (most recent call last):

  File "/usr/lib/command-not-found", line 94, in <module>

    crash_guard(main, BUG_REPORT_URL, __version__)

  File "/usr/lib/python2.7/dist-packages/CommandNotFound/util.py", line 40, in crash_guard

    sys.exit(127)

SystemExit: 127

>>>



NO SUID, NO SGID, so garbage for now.


Maybe.. I can use it for.. umm.. um... I don't know. It can be used for 'backdoor-finding' challenges, like:

If someone executes python itself in suid binary without dropping privileges, only in reason that it's signed, or verified, readonly, yeah.

But PYTHONINSPECT=1 and some interpreter variable is one thing we should keep in mind.

For other languages, too..

저작자 표시
신고
댓글
댓글쓰기 폼
Statistics Graph
공지사항
Total
54,867
Today
0
Yesterday
23
링크
«   2017/05   »
  1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30 31      
글 보관함