The use of env as a global variable in dbhelper.py looks dangerous
|Reported by:||jonas@…||Owned by:||bobbysmith007|
Unless I'm missing something the way
dbhelper.py stores the env in a global variable is really unsafe.
With thread based frontends like tracd or fastcgi this global variable can at anytime be modified by another thread to point to another environment. And this can cause the wrong database to be modified.
Change History (4)
comment:2 Changed 6 years ago by bobbysmith007
- Priority changed from normal to highest
- Severity changed from normal to critical
comment:3 Changed 6 years ago by bobbysmith007
- Resolution set to fixed
- Status changed from new to closed