Python 2.3b1: RuntimeError using rexec
Martin v. Löwis
martin at v.loewis.de
Thu May 1 01:02:11 EDT 2003
tweedgeezer at hotmail.com (Jeremy Fincher) writes:
> I'm curious, if the string was eval'ed in an environment that included
> nothing except an empty __builtins__, would there be any non-DoS
> security hole? Obviously the attack could DoS by making some value
> 10**10**10**10 or something, but is there any actual *security* breach
> possible?
Try to eval
'''[f for f in (1).__class__.__bases__[0].__subclasses__() if f.__name__ == "file"][0]("/etc/passwd")'''
This doesn't actually work, but you get the idea.
Regards,
Martin
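
The point of the reply above, as an added example that is not part of the original post: on Python 3 (an assumption; the "file" type named in the post no longer exists there), eval with an empty __builtins__ still lets an expression enumerate every class through attribute access, while ast.literal_eval refuses such input. The sample strings and function names are constructed for illustration, and the expression only lists class names.

```python
import ast

# Constructed sample inputs (not from the original post).
BENIGN = "{'retries': 3, 'hosts': ['a', 'b']}"
# Only enumerates class names; it does not open or execute anything.
INTROSPECT = "[c.__name__ for c in (1).__class__.__bases__[0].__subclasses__()]"


def eval_empty_builtins(expr):
    """The setup from the question: eval with nothing but an empty __builtins__."""
    return eval(expr, {"__builtins__": {}}, {})


def dunder_attributes(expr):
    """Return the double-underscore attribute names an expression touches."""
    tree = ast.parse(expr, mode="eval")
    return sorted({node.attr for node in ast.walk(tree)
                   if isinstance(node, ast.Attribute)
                   and node.attr.startswith("__") and node.attr.endswith("__")})


def safe_literal(expr):
    """Accept literals only. Returns (accepted, value)."""
    try:
        # literal_eval allows strings, numbers, tuples, lists, dicts, sets,
        # booleans and None; attribute access and calls raise ValueError.
        return True, ast.literal_eval(expr)
    except (ValueError, SyntaxError):
        return False, None


if __name__ == "__main__":
    reachable = eval_empty_builtins(INTROSPECT)
    print(len(reachable), "classes reachable despite the empty __builtins__")
    print("dunder attributes used:", dunder_attributes(INTROSPECT))
    print("literal_eval, introspection string:", safe_literal(INTROSPECT))
    print("literal_eval, benign string:", safe_literal(BENIGN))
```
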