Marc-Andre Lemburg <[email protected]> added the comment:

Jean-Paul Calderone wrote:
>
> Jean-Paul Calderone <[email protected]> added the comment:
>
> For example:
>
> exar...@boson:~$ python
> Python 2.6.4 (r264:75706, Dec 7 2009, 18:45:15)
> [GCC 4.4.1] on linux2
> Type "help", "copyright", "credits" or "license" for more information.
>>>> class x(object):
> ...     def __reduce__(self):
> ...         import os
> ...         return os.system, ('echo "Hello from sploitland"',)
> ...
>>>> import pickle
>>>> pickle.loads(pickle.dumps(x()))
> Hello from sploitland
> 0

But here you are not transferring malicious code in the pickle string, you are just triggering the execution of such code that you already have (and are in control of).

Without the definition of class x on the receiving side, there would be no exploit.

By adding support for pickling code objects, you'd make it possible to place the definition of class x into the pickle string and you would no longer be in control of that code.

----------

_______________________________________
Python tracker <[email protected]>
<http://bugs.python.org/issue9276>
_______________________________________
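
Added example, not part of the original thread: it lists, without loading anything, which importable names the pickle from the quoted session references, and shows an allow-list `Unpickler.find_class` refusing that stream. Python 3 is assumed; `X`, `referenced_globals`, `AllowListUnpickler` and `safe_loads` are illustrative names, and the allow-list contents are an assumption.

```python
import io
import pickle
import pickletools


class X(object):
    """Same shape as class x in the quoted session; built here only to be inspected."""
    def __reduce__(self):
        import os
        return os.system, ('echo "Hello from sploitland"',)


def referenced_globals(data):
    """Return the (module, name) pairs a pickle asks the loader to import.

    Walks the opcode stream with pickletools.genops, so nothing is executed.
    The STACK_GLOBAL branch is a heuristic: it assumes the two most recent
    string opcodes are the module and the name, which holds for pickle.dumps output.
    """
    found, strings = [], []
    for opcode, arg, _pos in pickletools.genops(data):
        if opcode.name == "GLOBAL":            # protocols 0-3: arg is "module name"
            found.append(tuple(arg.split(" ", 1)))
        elif opcode.name == "STACK_GLOBAL":    # protocol 4+: names come from the stack
            found.append((strings[-2], strings[-1]))
        elif isinstance(arg, str):
            strings.append(arg)
    return found


class AllowListUnpickler(pickle.Unpickler):
    # Assumption: an illustrative allow-list; a real one names only the types you expect.
    ALLOWED = {("builtins", "set"), ("builtins", "frozenset")}

    def find_class(self, module, name):
        if (module, name) not in self.ALLOWED:
            raise pickle.UnpicklingError("global %s.%s is not allowed" % (module, name))
        return super().find_class(module, name)


def safe_loads(data):
    """Load a pickle, refusing any global outside AllowListUnpickler.ALLOWED."""
    return AllowListUnpickler(io.BytesIO(data)).load()


if __name__ == "__main__":
    stream = pickle.dumps(X())                 # constructed sample; never passed to pickle.loads
    print(referenced_globals(stream))
    try:
        safe_loads(stream)
    except pickle.UnpicklingError as exc:
        print("refused:", exc)
```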
