[Python-Dev] Challenge: Please break this! (was: Reviving restricted mode)
tav
tav at espians.com
Tue Feb 24 01:33:35 CET 2009
Hey all,
victor> Could you keep all versions of safelite.py?
I took Steven D'Aprano's advice and added a VERSION attribute and
state the latest version on
http://tav.espians.com/a-challenge-to-break-python-security.html
Is that okay?
antoine> I guess Tav should open a restaurant :-)
Hehe!! Thankfully I only offered to it to the first person *phew!*
farshid> It seems like some code in safelite passes
farshid> a file object to isinstance. By overriding the
farshid> builtin isinstance function I can get access to
frashid> the original file object and create a new one.
Farshid, this is beautiful!!!
Thank you -- it's very nicely done!!
Do you have a website I could link to from the blog article?
guido> I think in the next version Tav will have to stop
guido> the sharing of __builtins__ between the supervisor
guido> and the sandboxed code. There are too many
guido> tricks you can play with this.
Done.
The common pattern that arised out of the various
builtins-overriding-hacks is that "safe" code should *never* make
assumptions about the state of the globals. The use of closures seems
to fix this problem with an easily-auditable design pattern.
--
love, tav
plex:espians/tav | tav at espians.com | +44 (0) 7809 569 369
http://tav.espians.com | http://twitter.com/tav | skype:tavespian
More information about the Python-Dev
mailing list