oss-sec mailing list archives
Re: ipython3 may execute code from the current working directory
From: Jakub Wilk <jwilk () jwilk net>
Date: Fri, 23 Jul 2021 22:14:14 +0200
* Jakub Wilk <jwilk () jwilk net>, 2021-07-22, 13:35:
* Georgi Guninski <gguninski () gmail com>, 2021-07-22, 11:52:Summary: under certain circumstances, ipython3 may execute code from the current working directory.Looks like this might be intentional? Or at least there's an option to turn off this behavior:https://github.com/ipython/ipython/blob/7.25.0/IPython/core/shellapp.py#L219 https://ipython.readthedocs.io/en/stable/config/options/kernel.html#configtrait-InteractiveShellApp.ignore_cwd
On a second thought, --ignore-cwd is a relatively new invention (added in 7.13.0, I think), ...
However, in some Debian packages (at least 5.8.0-1 from Debian buster), even --ignore-cwd doesn't help,
...so it couldn't have been used in this old version. -- Jakub Wilk
Current thread:
- ipython3 may execute code from the current working directory Georgi Guninski (Jul 22)
- Re: ipython3 may execute code from the current working directory Jakub Wilk (Jul 22)
- Re: ipython3 may execute code from the current working directory Jakub Wilk (Jul 22)
- Re: ipython3 may execute code from the current working directory Jakub Wilk (Jul 23)
- Re: ipython3 may execute code from the current working directory Mats Wichmann (Jul 23)
- Re: ipython3 may execute code from the current working directory Jakub Wilk (Jul 24)
- Re: ipython3 may execute code from the current working directory Georgi Guninski (Jul 25)
- Re: ipython3 may execute code from the current working directory Jakub Wilk (Jul 22)