[Python-Dev] Challenge: Please break this! [Now with blog post]

Guido van Rossum guido at python.org
Tue Feb 24 00:26:13 CET 2009


On Mon, Feb 23, 2009 at 3:16 PM, "Martin v. Löwis" <martin at v.loewis.de> wrote:
>> Don't I remember the previous restricted module dying a similar "death
>> of 1,000 cuts" before it was concluded to be unsafe at any height and
>> abandoned?
>
> I think you are slightly misremembering. It got cut again and again,
> but never died. Then, new-style classes hit an artery, and it bled
> to death.
>
> I'm curious how this one fares.

FWIW, I am remembering more about how Samuele cracked it. It had to do
with getting the supervisor code to call one of its own functions with
arguments provided by the sandboxed code. Tav's safelite.py doesn't
seem to be directly exploitable that way because (using ctypes hacks)
it *removes* some offending special methods. But that door would be at
least slightly ajar with Tav's proposed patch to Python, as that
doesn't remove the offending attributes (__subclasses__ etc.); it only
forbids them in restricted mode. But this once again enables Samuele's
hack. (Oh if I only could find the link with the actual attack -- it
was quite a bit more devious than attacks linked to so far.)

-- 
--Guido van Rossum (home page: http://www.python.org/~guido/)
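
Added example, not part of the original message: a toy model of the distinction drawn above between removing a sensitive attribute and merely forbidding it in restricted mode, when trusted supervisor code calls one of its own functions with arguments chosen by sandboxed code. It does not reproduce the attack the message refers to; the flag, classes and helpers (`mode`, `Forbidding`, `Removing`, `supervisor_get`, `supervisor_get_checked`, `probe`) are all hypothetical.

```python
import contextlib

_restricted = False  # stand-in for an interpreter-level "restricted mode" flag

@contextlib.contextmanager
def mode(restricted):
    """Run the enclosed block with the restricted flag set as given."""
    global _restricted
    previous, _restricted = _restricted, restricted
    try:
        yield
    finally:
        _restricted = previous

class Forbidding:
    """Policy A: the attribute still exists but is refused in restricted mode."""
    sensitive = "host-only capability"  # constructed sample value

    def __getattribute__(self, name):
        if name == "sensitive" and _restricted:
            raise PermissionError("forbidden in restricted mode")
        return object.__getattribute__(self, name)

class Removing:
    """Policy B: the attribute has been removed, so no caller can reach it."""

def supervisor_get(obj, field):
    """Trusted helper: runs unrestricted, with arguments chosen by the sandbox."""
    with mode(False):
        return getattr(obj, field, None)

ALLOWED_FIELDS = {"label"}  # constructed allowlist for the checked helper
def supervisor_get_checked(obj, field):
    """Same helper, but it validates the sandbox-supplied name first."""
    if field not in ALLOWED_FIELDS:
        raise PermissionError("field not exposed to sandboxed code")
    with mode(False):
        return getattr(obj, field, None)

def probe(obj, helper):
    """Sandboxed view: try direct access, then go through the helper."""
    with mode(True):
        results = []
        for attempt in (lambda: obj.sensitive, lambda: helper(obj, "sensitive")):
            try:
                results.append(attempt())
            except (PermissionError, AttributeError) as exc:
                results.append(type(exc).__name__)
    return tuple(results)
```

Under the forbid-only policy the direct access is refused but the unchecked helper returns the value; with the attribute removed, or with the helper validating its arguments, both paths fail.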

