Executing untrusted code

Rami Chowdhury rami.chowdhury at gmail.com
Thu Aug 20 11:27:24 EDT 2009


They could, of course, use the file object constructor directly, e.g.:
	f = file("/etc/passwd", "w")

On Thu, 20 Aug 2009 08:16:51 -0700, Emanuele D'Arrigo <manu3d at gmail.com>  
wrote:

> Sorry for digging this back from the grave.
> I've had to chew on it for a little while.
>
> On Aug 8, 1:40 am, Nobody <nobody at nowhere.com> wrote:
>> If you want to support restricted execution within a language, it
>> has to be built into the language from day one. Trying to bolt it > on  
>> later is a fool's errand.
>
> Fair enough. In this context, let's say I do this:
>
> import __builtin__
> import imp
> originalBuiltins = imp.new_module("OriginalBuiltins")
>
> def readOnlyOpen(filename):
>     return originalBuiltins.open(filename, "r")
>
> __builtin__.open = readOnlyOpen
>
> exec(anUntrustedString, {})
>
> In what ways would the untrusted string be able to obtain the
> original, built-in open function and open a file for writing?
>
> Manu
>



-- 
Rami Chowdhury
"Never attribute to malice that which can be attributed to stupidity" --  
Hanlon's Razor
408-597-7068 (US) / 07875-841-046 (UK) / 0189-245544 (BD)



More information about the Python-list mailing list