Project

Profile

Help

Actions
Send by e-mail Copy link

Issue #2290

closed

Use yaml.load instead of yaml.safe_load

Added by pcreech over 7 years ago. Updated over 4 years ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
Normal
Assignee:
-
Category:
-
Sprint/Milestone:
3.0.0
Start date:
Due date:
Estimated time:
Severity:
1. Low
Version:
Platform Release:
OS:
Triaged:
No
Groomed:
No
Sprint Candidate:
No
Tags:
Easy Fix
Sprint:
Quarter:

Description

In the new 3.0 config loading mechanism, we load the yaml file using yaml.load. This is unsafe, as this can end up runing functions while loading the yaml file.

Using yaml.safe_load will prevent this

Added by pcreech over 7 years ago

Revision 310ef94f | View on GitHub

Use yaml.safe_load instead of yaml.load

Use yaml.safe_load instead of yaml.load, as yaml.load is dangerous

Look at http://pyyaml.org/wiki/PyYAMLDocumentation#LoadingYAML for more info

closes #2290

Added by pcreech over 7 years ago

Revision 310ef94f | View on GitHub

Use yaml.safe_load instead of yaml.load

Use yaml.safe_load instead of yaml.load, as yaml.load is dangerous

Look at http://pyyaml.org/wiki/PyYAMLDocumentation#LoadingYAML for more info

closes #2290

Actions
Copy link
 #1

Updated by pcreech over 7 years ago

  • Status changed from NEW to POST
Actions
Copy link
 #2

Updated by pcreech over 7 years ago

  • Status changed from POST to MODIFIED
Actions
Copy link
 #3

Updated by daviddavis almost 5 years ago

  • Sprint/Milestone set to 3.0.0
Actions
Copy link
 #4

Updated by bmbouter almost 5 years ago

  • Tags deleted (Pulp 3)
Actions
Copy link
 #5

Updated by bmbouter over 4 years ago

  • Status changed from MODIFIED to CLOSED - CURRENTRELEASE
Actions
Send by e-mail Copy link

Also available in: Atom PDF