Untrusted code execution

Jon Ribbens jon+usenet at unequivocal.co.uk
Tue Apr 5 17:13:36 EDT 2016


On 2016-04-05, Paul Rubin <no.email at nospam.invalid> wrote:
> Jon Ribbens <jon+usenet at unequivocal.co.uk> writes:
>>>             isinstance(node, ast.Attribute) and node.attr.startswith("_")):
>>>                 raise ValueError("Access to private values is not allowed.")
>>>     namespace = {"__builtins__": {"int": int, "str": str, "len": len}}
>
>> Nobody has any thoughts on this at all?
>
> What happens with foo.get("5F5F70726976617465".decode("hex")) ?
> That string decodes to "__private".

Yes, and? My code wasn't trying to prevent anyone building a string
object starting with an underline, merely to prevent anyone accessing
identifiers and attributes that start with an underline. The namespace
I was suggesting didn't provide access to any objects which have a
'get()' method which would access attributes.

> The Bastion module was removed some time ago because every attempt
> to do something like this has failed...

Bastion was removed because rexec was removed. rexec was very
ambitious - it was trying to allow completely arbitrary Python code
to run in a restricted namespace. That's basically impossible since
Python 2.2.

My method is doing something different - it's inspecting the code
before it's run, to prevent the methods by which people would easily
escape rexec's environment.

Originally, rexec existed and was thought to be 'safe'. Then the
new-style classes were added in Python 2.2, which made rexec unsafe,
so it was disabled because there was no easy way to fix it. Then
in Python 2.5 the new AST parser was added, which I think perhaps
does provide a way to fix rexec (or at least something rexec-like),
but nobody was clamoring for rexec to be reinstated so nobody looked
into what ast could do for rexec.

... unless I'm missing something obvious (or subtle!)


