Untrusted code execution
Random832
random832 at fastmail.com
Wed Apr 6 23:40:53 EDT 2016
On Wed, Apr 6, 2016, at 21:45, Steven D'Aprano wrote:
> And you would have to do something about the unfortunate matter that
> modules
> have a reference to the unrestricted __builtins__:
>
> py> os.__builtins__['eval']
> <built-in function eval>
Well, I thought that the solution being discussed uses AST to generally
forbid accessing attributes beginning with _ (you could also implement a
whitelist there)
> And because modules are singletons, it's not just a matter of replacing
> the
> __builtins__ with a more restrictive one, as that would affect trusted
> modules outside the sandbox too.
There's nothing actually preventing creating a module with the same name
as a "real" one, not registered in sys.modules, and having it in the
sandbox's sys.modules (the sandbox's sys module itself being a fake
module) to be imported by the sandbox's __import__.
__import__ doesn't even have to return a module - you could return some
other object, maybe one that proxies whitelisted name accesses to the
real module.
More information about the Python-list
mailing list