projects
/
mudpy.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(from:
7e78772
)
Switch to yaml.safe_load for better security
author
Jeremy Stanley
<fungi@yuggoth.org>
Sat, 18 Apr 2015 06:54:07 +0000
(06:54 +0000)
committer
Jeremy Stanley
<fungi@yuggoth.org>
Sat, 18 Apr 2015 06:54:07 +0000
(06:54 +0000)
Use the yaml.safe_load to avoid unwanted privilege escalation due to
deserializing unsafe objects. Also switch to yaml.safe.dump for
symmetry, so that we don't write out files we'll later refuse to
parse.
No differences found