Creating a capabilities-based restricted execution system
Sean R. Lynch
seanl at chaosring.org
Sat Jan 3 13:40:42 EST 2004
Martin v. Loewis wrote:
>
> The biggest problem is that new-style classes are both available through
> the type() builtin, and callable to create new instances.
>
> For example, if you have managed to open a file object f, then
>
> type(f)("/etc/passwd").read()
>
> lets you access a different file, bypassing all machinery that may
> have been designed to prevent that from happening.
>
> Of course, for the specific case of file objects, there is additional
> machinery preventing that from happening, but in the general case,
> there might be more problems in that area. For example,
> object.__subclasses__() gives you access to quite a lot of stuff.
RestrictedPython avoids this by removing the type() builtin from the
restricted __builtins__, and it doesn't allow untrusted code to create
names that start with _. Zope3 has a type() builtin, but it returns a
proxy (written in C) to the type object to prevent access.
Right now I'm providing a same_type function instead to compare types.
Later I'll probably start playing around with C proxies.
I think the main thing that's liable to introduce new security problems
(beyond what RestrictedPython may already have) is the fact that
RestrictedPython is mostly designed to protect the trusted environment
from the untrusted environment, and what I'd really like to do is give
programmers in the untrusted environment a way to create objects and
pass them around to one another. For example, in the original setup,
class statements are allowed but not very useful in the restricted
environment, because objects created from those classes would be
read-only due to the fact that you can't create any special attributes
to tell the system how to handle security from within the restricted
environment. This is why I'm adding private attributes to the system
and figuring out a way to allow methods defined on a class to assign to
attributes on instances of that class without allowing all code to do so.
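The two mitigations named above (dropping type() from the restricted
__builtins__, forbidding names that start with "_") and the same_type()
replacement are easy to illustrate in a small, self-contained Python
sandbox. The code below is an added example written for this page; it is
not RestrictedPython's or Zope3's code, and the names ALLOWED_BUILTINS,
run_restricted and UnderscoreChecker are hypothetical. A StringIO object
stands in for an opened file so the example runs offline; under Python 2,
where this thread was written, type(f) on a real file was the file type
and type(f)("/etc/passwd") opened that path directly.

```python
import ast
import builtins
import io

# Only these builtins are visible to untrusted code. Deliberately absent:
# type, object, open, __import__, getattr/setattr (string-based attribute
# access would sidestep the AST underscore check below), vars, globals.
ALLOWED_BUILTINS = ("len", "range", "str", "int", "list", "dict", "tuple",
                    "sorted", "isinstance")


def same_type(a, b):
    """Compare the types of two objects without handing the type object
    itself to the caller, so it cannot be called to mint new instances."""
    return type(a) is type(b)


def restricted_builtins():
    env = {name: getattr(builtins, name) for name in ALLOWED_BUILTINS}
    env["same_type"] = same_type
    return env


class UnderscoreChecker(ast.NodeVisitor):
    """Reject any name or attribute beginning with '_' at compile time,
    which closes routes such as f.__class__ or object.__subclasses__()."""

    def visit_Name(self, node):
        if node.id.startswith("_"):
            raise SyntaxError(f"forbidden name {node.id!r}")
        self.generic_visit(node)

    def visit_Attribute(self, node):
        if node.attr.startswith("_"):
            raise SyntaxError(f"forbidden attribute {node.attr!r}")
        self.generic_visit(node)


def run_restricted(source, namespace):
    """Execute untrusted source with the restricted builtins and the
    underscore rule; returns the resulting namespace."""
    tree = ast.parse(source, mode="exec")
    UnderscoreChecker().visit(tree)
    ns = dict(namespace)
    ns["__builtins__"] = restricted_builtins()
    exec(compile(tree, "<untrusted>", "exec"), ns)
    return ns


def unrestricted_escape():
    """Martin's point, outside the sandbox: with type() available, code
    that holds one object can construct more of the same class."""
    f = io.StringIO("constructed sample")          # stand-in for a file
    clone = type(f)("/etc/passwd")                 # new instance, same class
    return same_type(clone, f)                     # True: the class leaked


def demo():
    f = io.StringIO("constructed sample")          # stand-in for a file
    results = {}

    # 1. type() is gone from the restricted builtins, so the escape fails.
    try:
        run_restricted('x = type(f)("/etc/passwd")', {"f": f})
        results["type_escape"] = "succeeded"
    except NameError:
        results["type_escape"] = "blocked"

    # 2. The dunder route is refused before the code ever runs.
    try:
        run_restricted('subs = object.__subclasses__()', {})
        results["subclasses"] = "succeeded"
    except SyntaxError:
        results["subclasses"] = "blocked"

    # 3. same_type() still lets untrusted code compare types.
    ns = run_restricted('ok = same_type(f, g)', {"f": f, "g": io.StringIO("")})
    results["same_type"] = ns["ok"]
    return results


if __name__ == "__main__":
    print("unrestricted escape works:", unrestricted_escape())
    print(demo())
```

The AST check is a coarse stand-in for RestrictedPython's compiler
transformations, and removing a builtin from the dict is only as good as
the rest of the allowed set: any surviving function that takes an
attribute name as a string, or any trusted object that exposes its own
__class__ through a method, reopens the route.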