On Mon, Feb 23, 2009 at 12:10, tav <t...@espians.com> wrote: > Hey all, > > As an attempt to convince everyone of the merits of my functions-based > approach to security, I've come up with a simple challenge. I've > attached it as safelite.py > > The challenge is simple: > > * Open a fresh Python interpreter > * Do: >>> from safelite import FileReader > * You can use FileReader to read files on your filesystem > * Now find a way to *write* to the filesystem from your interpreter > > Please note that the aim of this isn't to protect Python against > crashes/segfaults or exhaustion of resources attacks, so those don't > count. > > I'm keen to know your experiences even if you don't manage to write to > the filesystem -- and especially if you do! > > Dinner and drinks on me for an evening -- when you are next in London > or I am in your town -- to the first person who manages to break > safelite.py and write to the filesystem. > > Good luck and thanks! =) > > > If you block __closure__ and __globals__ on function objects you will get > a > > semblance of a private namespace. That way you might (I have not thought > > this one through like securing the interpreter for embedding) be able to > get > > what you need to safely pass in Python code through the globals of the > code > > being executed. > > Brett, this is exactly what I do.
Ah, OK. I just quickly looked at your patches on codereview and noticed that neither __closure__ or __globals__ have been touched. > You also need to restrict func_code. I assume you are worried about getting a hold of the code type and constructing code objects from scratch? > > The patch is simply for closing the other loopholes: > type.__subclasses__, GeneratorType.gi_frame and gi_code. All possible > in a patch of 6 lines of code thanks to Python's existing restricted > framework in the interpreter. > > Please review and accept =) > I personally don't have the time. The feedback in this email is all I can spare. -Brett
_______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
