How to permanently remove __import__?

Jeff Epler jepler at unpythonic.net
Wed Jun 18 11:32:46 EDT 2003


Well, "rexec" intends to only allow access to "whitelisted" modules, or
"whitewashed" interfaces to unsafe but useful objects.  You could build
whatever functionality on top of that, by "whitelisting" and
"whitewashing", including the functionality you desire.

Unfortunately, it no longer does that job properly.  For instance, in
2.2.2:
    >>> import rexec
    >>> r = rexec.RExec()
    >>> r.r_exec("print file")
    <bound method RExec.r_open of <rexec.RExec instance at 0x817726c>>
so far, so good -- 'file', 'open', and (some) other builtins are
"whitewashed"

    >>> r.r_exec("print object.__subclasses__()")
    [<type 'type'>, <type 'list'>, <type 'NoneType'>, <type
    'NotImplementedType'>, <type 'module'>, <type 'posix.stat_result'>,
    <type 'posix.statvfs_result'>, <type 'dict'>, <type 'function'>,
    <type 'str'>, <type 'file'>, <type 'int'>, <type 'dict-proxy'>]
uh-oh.  object *isn't*, and from object we can get to the *real* file()
constructor.  Well, you say, fix rexec to whitewash object, and get on
with life.  Well, now how will you make
    R>> from whitelisted_module import newstyle_instance
    R>> issubclass(newstyle_instance, object)
print 1, instead of 0?  ("R>>" is the hypothetical restricted
interactive prompt.)  More importantly, how can you make
    R>> class C(object): ...
    R>> class T(type): ...
work?  And even if you can, is there another problem lurking?
Well, the Python developers have decided that they're not sure, and that
they don't have the time to make sure -- so rexec is now deprecated.

Even if you manage to fix all these problems (so that dangerous stuff
isn't reachable from basically any object), are you sure you're done?
You're talking about "redirecting to a virtual filesystem"; presumably
this also applies to importing modules.  Are you sure that this is safe?
There are bytecode sequences that can crash the interpreter with a signal
11, so it may be that the attacker can supply the right .pyc file to
overwrite something in the heap and make an object he can access point
to a dangerous builtin instead of the right object.  Or maybe he can do
more traditional things like smash the stack and call system() that
way...

Jeff
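The reachability argument above, carried into Python 3 as an added audit helper (not code from Jeff's post): Python 3 has no rexec and no `file` type, so io.FileIO is assumed here as the stand-in for the real file constructor, and the whitelist dict is a constructed rexec-style example.

```python
import io

def whitelisted_builtins():
    """Constructed rexec-style whitelist: the real open() is replaced by a
    whitewashed stub, and nothing here names io.FileIO directly."""
    def whitewashed_open(*args, **kwargs):
        raise PermissionError("open() is not available in this sandbox")
    return {"open": whitewashed_open, "len": len, "issubclass": issubclass,
            "object": object}

def reachable_classes(root):
    """Transitively collect root and every class reachable by repeatedly
    calling __subclasses__(), i.e. the walk the post does by hand for one
    level.  type.__subclasses__(cls) is used rather than cls.__subclasses__()
    because the latter raises TypeError when cls is type itself."""
    seen, stack = set(), [root]
    while stack:
        cls = stack.pop()
        if cls in seen:
            continue
        seen.add(cls)
        stack.extend(type.__subclasses__(cls))
    return seen

def audit_whitelist(builtins_dict, capability=io.FileIO):
    """Return the whitelisted names from which `capability` is reachable even
    though the whitelist never hands it out directly.

    From any value one reaches type(value) and its __mro__, whose last entry
    is object, and from object the subclass walk leads to everything loaded.
    An empty result means the whitelist does not leak `capability`."""
    leaks = []
    for name, value in builtins_dict.items():
        cls = value if isinstance(value, type) else type(value)
        for base in cls.__mro__:
            if capability in reachable_classes(base):
                leaks.append(name)
                break
    return leaks

if __name__ == "__main__":
    # Every entry leaks, including the whitewashed open(): its function type
    # still has object in its MRO, which is exactly the post's complaint.
    print(audit_whitelist(whitelisted_builtins()))
```

Whitewashing `open` and `file` changes nothing here; the audit only comes back empty when no whitelisted value leads to `object` at all, which is the situation the post argues cannot be engineered without breaking `issubclass` and `class C(object)`.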

More information about the Python-list mailing list