Message from discussion
Sage doctesting on shared systems insecure (#13579)
In-Reply-To: <20121010113543.GW2289@zephyr>
References: <507535BE.50...@cage.ugent.be>
<20121010113543.GW2289@zephyr>
Date: Wed, 10 Oct 2012 12:59:11 +0100
Message-ID: <CAD0p0K6=hzF1r2gAwwS4Z_J7bf2bkHvWgJ7=9wFeRaxv_ff...@mail.gmail.com>
Subject: Re: [sage-devel] Sage doctesting on shared systems insecure (#13579)
From: John Cremona <john.crem...@gmail.com>
To: sage-devel@googlegroups.com

Would it not be a good idea to disable testing this file (or the bad
part in it) until this has been fixed? In all future testing &
development releases?

John

On 10 October 2012 12:35, Nicolas M. Thiery <Nicolas.Thi...@u-psud.fr> wrote:
> On Wed, Oct 10, 2012 at 10:45:50AM +0200, Jeroen Demeyer wrote:
>> Volker Braun discovered a serious security vulnerability in Sage when
>> doctesting sage/tests/cmdline.py
>
> Yikes! Good job Volker detecting this!
>
>> * if you're a Sage developer: unless nobody else can log in to your
>> system, do not run anything like "make ptestlong" or "./sage -t
>> devel/sage/sage". Consider deleting sage/tests/cmdline.py from your
>> Sage installation.
>
> Note for the users of the Sage-Combinat queue: I have just inserted a
> temporary patch at the bottom of the queue that adds "nodoctest" to
> this file, effectively disabling its testing. So you need not worry
> about this issue (well, except that any test failure in cmdline.py
> that our patches may cause will go unnoticed until the issue is
> fixed).
>
> Cheers,
> Nicolas
> --
> Nicolas M. Thiéry "Isil" <nthi...@users.sf.net>
> http://Nicolas.Thiery.name/
>