Untrusted code execution
Chris Angelico
rosuav at gmail.com
Tue Apr 5 13:48:09 EDT 2016
On Wed, Apr 6, 2016 at 3:26 AM, Jon Ribbens
<jon+usenet at unequivocal.co.uk> wrote:
> The received wisdom is that restricted code execution in Python is
> an insolubly hard problem, but it looks a bit like my 7-line example
> above disproves this theory, provided you choose carefully what you
> provide in your restricted __builtins__ - but people who knows more
> than me about Python seem to have thought about this problem for
> longer than I have and come up with the opposite conclusion so I'm
> curious what I'm missing.
No, it doesn't disprove anything. All you've shown is "here's a piece
of code that hasn't yet been compromised". :) What you're missing is a
demonstrated exploit against your code. I can't provide one, but it's
entirely possible that one will be found.
Your code is a *lot* safer for using 'eval' rather than 'exec'.
Otherwise, you'd be easily exploited using exceptions, which carry a
ton of info. But even so, I would not bet money (much less the
security of my systems) on this being safe.
ChrisA
More information about the Python-list
mailing list