[Python-Dev] Challenge: Please break this! [Now with blog post]
Victor Stinner
victor.stinner at haypocalc.com
Tue Feb 24 15:52:31 CET 2009
Le Tuesday 24 February 2009 15:46:04 Andrew Dalke, vous avez écrit :
> > And instead of trying to make tb_frame go away, I'd like to add the
> > following to my proposed patch of RESTRICTED attributes:
> >
> > * f_code
> > * f_builtins
> > * f_globals
> > * f_locals
> >
> > That seems to do the trick...
>
> A goal is to use this in App Engine, yes? Which uses cgitb to report
> errors? Which needs these restricted frame attributes to report the
> values of variables when the error occurred?
We should be able to restore the original environment. Example:
...
jail(evil_func) # called in the jail
# unsafe environment with __subclasses__, f_code, etc.
...
--
Victor Stinner aka haypo
http://www.haypocalc.com/blog/
More information about the Python-Dev
mailing list