need fast parser for comma/space delimited numbers

Andrew Dalke dalke at acm.org
Sun Mar 19 02:01:31 EST 2000


Moshe Zadka wrote in message ...
> Bernhard Herzog wrote:
> [using exec instead of rexec is "a gaping security hole"]

Moshe Zadka:
> but this is a common myth, which is totally untrue.

> Now, most Python programs (certainly most scientific
> Python programs) are not run as CGI's and the like, but
> rather by the user who wants them to run. So, using
> eval/exec without rexec is perfectly all right from a
> security POV.


Speaking as someone who writes Python scientific apps
for a living ... :)

The problem is that you don't know where your code might
be used in the future.  One place I worked developed
scientific software for in-house use, and used eval for
some of the parsing.  After about a year they considered
putting some of the applications on line.  So it could
potentially be running untrusted data through an exec.
Luckily, it was designed to be safe in eval.

It's actually a problem I have with many scientific
libraries.  They assume that their input will always be
"safe", and take liberties that I don't want to assume, because
I know that things will change in the future.  I don't
want to worry about having to audit the code for security
problems in the future.

Another problem is you sometimes point things to the wrong
data file.  For example, suppose the input data, instead
of containing numbers, happened to contain python code
(because you used "temp.py" instead of "temp.dat").  Then
it will really do the wrong thing.  In addition to having
routines which work with the right data, I believe it
should also fail politely, and exec'ing arbitrary/accidental
code isn't polite - it can turn file parsing into the
halting problem.


                    Andrew
                    dalke at acm.org
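The alternative the post argues for, as an added example that is not part of the thread or anyone's posted code: a small parser for comma- and/or whitespace-delimited numbers that never calls eval or exec, so a file of Python source opened by mistake (the "temp.py" instead of "temp.dat" case above) is rejected with a line number instead of being run. The sample inputs DATA_FILE and CODE_FILE are constructed for the demo.

```python
import re
from typing import List

# Accept an optional sign, digits with an optional fraction (or a bare
# fraction), and an optional exponent.  fullmatch() requires the whole
# token to be a number, so "1.5abc" or "import" can never slip through.
_NUMBER = re.compile(r"[-+]?(?:\d+\.?\d*|\.\d+)(?:[eE][-+]?\d+)?")
_DELIMS = re.compile(r"[,\s]+")


def parse_numbers(text: str) -> List[float]:
    """Parse comma- and/or whitespace-delimited numbers without eval/exec.

    Raises ValueError naming the offending line and token, so pointing the
    program at the wrong file fails politely rather than executing its
    contents.  Each token is checked by a bounded regex match, so parse
    time is linear in the input, whatever the file contains.
    """
    values: List[float] = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for token in _DELIMS.split(line.strip()):
            if not token:
                continue  # empty piece from a leading/trailing delimiter
            if not _NUMBER.fullmatch(token):
                raise ValueError(f"line {lineno}: not a number: {token!r}")
            values.append(float(token))
    return values


# Constructed sample inputs (not from the thread).
DATA_FILE = "1.5, 2 3,4e-2\n-7 8.25\n"
# What "temp.py" might contain if the wrong file is opened by mistake.
CODE_FILE = "x = 1\nprint(x)\n"


def demo():
    """Return the parsed numbers and whether the code file was rejected."""
    good = parse_numbers(DATA_FILE)
    try:
        parse_numbers(CODE_FILE)
        rejected = False
    except ValueError as err:
        rejected = True
        print("rejected:", err)
    return good, rejected


if __name__ == "__main__":
    print(demo())
```

Running the script prints the rejection message for CODE_FILE ("line 1: not a number: 'x'") followed by the parsed list for DATA_FILE; nothing in either file is ever executed.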