[Python-Dev] gdbinit and Gdb wrapper objects

2009-02-23 Thread Larry (Laurence) Cotton
Hi, I am trying to use python gdb to debug a python process that is hanging - it is a thread lock situation. I have been trying to use the gdbinit macros to help me in this, but when I attempt to access f->f_nlocals in a PyEval_EvalFrameEx object it informs "There is no member named f_nlocals."

Re: [Python-Dev] gdbinit and Gdb wrapper objects

2009-02-23 Thread Martin v. Löwis
I am trying to use python gdb to debug a python process that is hanging - it is a thread lock situation. Larry, python-dev is a mailing list for the development of Python, not the development with Python. So this question is off-topic. 1) Does anyone have any idea why this might be

Re: [Python-Dev] Choosing a best practice solution for Python/extension modules

2009-02-23 Thread Nick Coghlan
Brett Cannon wrote: I don't want to move it because this isn't some idea for a new feature that may or may not be useful; this isn't an idea, it's needed. It is needed, but it's only really needed in the test suite. The sys.modules hackery needed to get a Python-only version using the existing

[Python-Dev] Greg Ward email

2009-02-23 Thread Tarek Ziadé
Hello, I am trying to reach Greg Ward to get a maintainer access to Distutils at PyPI, but his email address at python.net (and some other) doesn't work anymore. Does anyone know how to reach him? Thanks Tarek -- Tarek Ziadé | Association AfPy | www.afpy.org Blog FR |

Re: [Python-Dev] socket recv on win32 can be extremly delayed $python bug?$

2009-02-23 Thread Simon Laan

Re: [Python-Dev] Reviving restricted mode?

2009-02-23 Thread Guido van Rossum
On Sun, Feb 22, 2009 at 8:14 PM, P.J. Eby p...@telecommunity.com wrote: At 07:56 PM 2/22/2009 -0800, Guido van Rossum wrote: On Sun, Feb 22, 2009 at 7:39 PM, P.J. Eby p...@telecommunity.com wrote: Just a question, but, if you just need a pure-python restricted environment for App Engine,

Re: [Python-Dev] Reviving restricted mode?

2009-02-23 Thread Victor Stinner
On Sunday 22 February 2009 17:45:27 Guido van Rossum, you wrote: I've received some enthusiastic emails from someone who wants to revive restricted mode. (...) Based on his code (the file secure.py is all you need, included in secure.tar.gz) it seems he believes the only security

Re: [Python-Dev] Reviving restricted mode?

2009-02-23 Thread Guido van Rossum
None of those are useful attacks on app engine though. On Mon, Feb 23, 2009 at 7:57 AM, Victor Stinner victor.stin...@haypocalc.com wrote: On Sunday 22 February 2009 17:45:27 Guido van Rossum, you wrote: I've received some enthusiastic emails from someone who wants to revive restricted

Re: [Python-Dev] Reviving restricted mode?

2009-02-23 Thread tav
Dearest fellow Python lovers, Could one of you please review: http://codereview.appspot.com/20051 The patch is a mere 6 lines of code and provides the absolute minimum that is needed to secure the Python interpreter! [This patch is for Python 2.5.4 -- I can create one for the other branches

Re: [Python-Dev] Reviving restricted mode?

2009-02-23 Thread tav
And, here's a version for Python 2.6+ -- diffed against an svn checkout of the current python/trunk: http://codereview.appspot.com/21051/show Please review also. Cheers! -- love, tav plex:espians/tav | t...@espians.com | +44 (0) 7809 569 369 http://tav.espians.com | @tav | skype:tavespian

Re: [Python-Dev] Greg Ward email

2009-02-23 Thread A.M. Kuchling
On Mon, Feb 23, 2009 at 02:16:17PM +0100, Tarek Ziadé wrote: I am trying to reach Greg Ward to get a maintainer access to Distutils at PyPI, but his email address at python.net (and some other) doesn't work anymore. Greg's website at www.gerg.ca (not a typo!) has e-mail addresses. However,

Re: [Python-Dev] Greg Ward email

2009-02-23 Thread Tarek Ziadé
On Mon, Feb 23, 2009 at 6:43 PM, A.M. Kuchling a...@amk.ca wrote: On Mon, Feb 23, 2009 at 02:16:17PM +0100, Tarek Ziadé wrote: I am trying to reach Greg Ward to get a maintainer access to Distutils at PyPI, but his email address at python.net (and some other) doesn't work anymore. Greg's

Re: [Python-Dev] Choosing a best practice solution for Python/extension modules

2009-02-23 Thread Brett Cannon
On Sun, Feb 22, 2009 at 22:41, Aahz a...@pythoncraft.com wrote: On Sun, Feb 22, 2009, Brett Cannon wrote: On Sat, Feb 21, 2009 at 20:12, Aahz a...@pythoncraft.com wrote: On Sat, Feb 21, 2009, Brett Cannon wrote: On Sat, Feb 21, 2009 at 15:46, Aahz a...@pythoncraft.com wrote: On Sat, Feb

Re: [Python-Dev] Choosing a best practice solution for Python/extension modules

2009-02-23 Thread Brett Cannon
On Mon, Feb 23, 2009 at 04:02, Nick Coghlan ncogh...@gmail.com wrote: Brett Cannon wrote: I don't want to move it because this isn't some idea for a new feature that may or may not be useful; this isn't an idea, it's needed. It is needed, but it's only really needed in the test suite. The

Re: [Python-Dev] Reviving restricted mode?

2009-02-23 Thread Brett Cannon
On Mon, Feb 23, 2009 at 09:23, tav t...@espians.com wrote: Dearest fellow Python lovers, Could one of you please review: http://codereview.appspot.com/20051 The patch is a mere 6 lines of code and provides the absolute minimum that is needed to secure the Python interpreter! [This patch

Re: [Python-Dev] Choosing a best practice solution for Python/extension modules

2009-02-23 Thread Steven Bethard
On Mon, Feb 23, 2009 at 04:02, Nick Coghlan ncogh...@gmail.com wrote: For example, a version that allows any number of extension modules to be suppressed when importing a module (defaulting to the Foo/_Foo naming): import sys def import_python_only(mod_name, *ext_names): if not

[Python-Dev] Challenge: Please break this! (was: Reviving restricted mode)

2009-02-23 Thread tav
Hey all, As an attempt to convince everyone of the merits of my functions-based approach to security, I've come up with a simple challenge. I've attached it as safelite.py The challenge is simple: * Open a fresh Python interpreter * Do: from safelite import FileReader * You can use FileReader

Re: [Python-Dev] Challenge: Please break this! (was: Reviving restricted mode)

2009-02-23 Thread Brett Cannon
On Mon, Feb 23, 2009 at 12:10, tav t...@espians.com wrote: Hey all, As an attempt to convince everyone of the merits of my functions-based approach to security, I've come up with a simple challenge. I've attached it as safelite.py The challenge is simple: * Open a fresh Python

Re: [Python-Dev] Challenge: Please break this! (was: Reviving restricted mode)

2009-02-23 Thread tav
Hey Brett, Ah, OK. I just quickly looked at your patches on codereview and noticed that neither __closure__ nor __globals__ have been touched. Those are already restricted by Python when __builtins__ is not the same as the standard one. I assume you are worried about getting a hold of the

Re: [Python-Dev] Challenge: Please break this! (was: Reviving restricted mode)

2009-02-23 Thread Steven Bethard
On Mon, Feb 23, 2009 at 12:10 PM, tav t...@espians.com wrote: Hey all, As an attempt to convince everyone of the merits of my functions-based approach to security, I've come up with a simple challenge. I've attached it as safelite.py The challenge is simple: * Open a fresh Python

Re: [Python-Dev] Challenge: Please break this! (was: Reviving restricted mode)

2009-02-23 Thread Guido van Rossum
I sent a link out to Twitter... On Mon, Feb 23, 2009 at 12:40 PM, Steven Bethard steven.beth...@gmail.com wrote: On Mon, Feb 23, 2009 at 12:10 PM, tav t...@espians.com wrote: Hey all, As an attempt to convince everyone of the merits of my functions-based approach to security, I've come up

Re: [Python-Dev] Challenge: Please break this! (was: Reviving restricted mode)

2009-02-23 Thread Victor Stinner
The challenge is simple: * Open a fresh Python interpreter * Do: from safelite import FileReader * You can use FileReader to read files on your filesystem * Now find a way to *write* to the filesystem from your interpreter Well, the challenge is to get access to a module. And... it's quite

Re: [Python-Dev] Choosing a best practice solution for Python/extension modules

2009-02-23 Thread Nick Coghlan
Brett Cannon wrote: Well, neither do I as your proposed approach below is what I do for warnings. It's possible I actually had test_warnings.py open in another window while writing that example function... ;) As Steven said, your concerns are precisely why I'm suggesting hiding this in a

Re: [Python-Dev] Challenge: Please break this! (was: Reviving restricted mode)

2009-02-23 Thread tav
Woo! victor file('0wn3d', 'w').write('w00t\n') victor Cool. It's a good reason to go to Pycon UK this year ;-) Thank you so much Victor! Please mail/phone me when you are heading to London and I shall honour the evening out! Now, how about this adapted version without reload? I could make

Re: [Python-Dev] Challenge: Please break this! (was: Reviving restricted mode)

2009-02-23 Thread Guido van Rossum
On Mon, Feb 23, 2009 at 1:12 PM, Victor Stinner victor.stin...@haypocalc.com wrote: The challenge is simple: * Open a fresh Python interpreter * Do: from safelite import FileReader * You can use FileReader to read files on your filesystem * Now find a way to *write* to the filesystem from

Re: [Python-Dev] Challenge: Please break this! (was: Reviving restricted mode)

2009-02-23 Thread Guido van Rossum
On Mon, Feb 23, 2009 at 1:36 PM, Guido van Rossum gu...@python.org wrote: On Mon, Feb 23, 2009 at 1:12 PM, Victor Stinner victor.stin...@haypocalc.com wrote: The challenge is simple: * Open a fresh Python interpreter * Do: from safelite import FileReader * You can use FileReader to read

Re: [Python-Dev] Challenge: Please break this! (was: Reviving restricted mode)

2009-02-23 Thread Victor Stinner
On Monday 23 February 2009 22:36:47, you wrote: reload(__builtins__) (...) Tav should have made another stipulation: the attack must not be trivial to fix. Why not? Any hole is enough to break a jail. The cracker doesn't care if it's trivial to fix or not :-p -- Victor Stinner aka

Re: [Python-Dev] Choosing a best practice solution for Python/extension modules

2009-02-23 Thread Brett Cannon
On Mon, Feb 23, 2009 at 13:23, Nick Coghlan ncogh...@gmail.com wrote: Brett Cannon wrote: Well, neither do I as your proposed approach below is what I do for warnings. It's possible I actually had test_warnings.py open in another window while writing that example function... ;) As

Re: [Python-Dev] Challenge: Please break this! [Now with blog post]

2009-02-23 Thread tav
I take it back, we need to find all the trivial ones too. Agreed! BTW Tav, you ought to create a small website for this challenge. A blog post or wiki page would suffice. Done. http://tav.espians.com/a-challenge-to-break-python-security.html Please blog/retweet and of course, try the

Re: [Python-Dev] Reviving restricted mode?

2009-02-23 Thread Martin v. Löwis
Could one of you please review: http://codereview.appspot.com/20051 The patch is a mere 6 lines of code and provides the absolute minimum that is needed to secure the Python interpreter! Unlike Guido, I'm not quite willing to take your word for it. OTOH, the patch looks harmless (with minor

Re: [Python-Dev] Reviving restricted mode?

2009-02-23 Thread Martin v. Löwis
And, here's a version for Python 2.6+ -- diffed against an svn checkout of the current python/trunk: http://codereview.appspot.com/21051/show Please review also. Cheers! No need to provide two versions. Regular back-merging should be able to deal with that just fine. Regards, Martin

Re: [Python-Dev] Challenge: Please break this! [Now with blog post]

2009-02-23 Thread Guido van Rossum
FWIW, on Twitter, Ian Bicking just came up with a half-solution. I figured out the other half. I guess you owe Ian drinks and me dinner. :-) $ python Python 2.5.3a0 (release25-maint:64494, Jun 23 2008, 19:17:09) [GCC 4.0.3 (Ubuntu 4.0.3-1ubuntu5)] on linux2 Type "help", "copyright", "credits" or

Re: [Python-Dev] Challenge: Please break this! [Now with blog post]

2009-02-23 Thread Steve Holden
Don't I remember the previous restricted module dying a similar death of 1,000 cuts before it was concluded to be unsafe at any height and abandoned? regards Steve Guido van Rossum wrote: FWIW, on Twitter, Ian Bicking just came up with a half-solution. I figured out the other half. I guess

Re: [Python-Dev] Reviving restricted mode?

2009-02-23 Thread tav
Hey Martin, The patch is a mere 6 lines of code and provides the absolute minimum that is needed to secure the Python interpreter! Unlike Guido, I'm not quite willing to take your word for it. You are right. Sorry, I was a bit too enthusiastic and overstated the case. How about: it could

Re: [Python-Dev] Challenge: Please break this! [Now with blog post]

2009-02-23 Thread Guido van Rossum
Sorry, it wasn't Ian Bicking. I have no idea what made me think that. I guess I am not yet an experienced Tweeter. :-( It was Mark Eichin, CC'ed here. --Guido On Mon, Feb 23, 2009 at 2:51 PM, Guido van Rossum gu...@python.org wrote: FWIW, on Twitter, Ian Bicking just came up with a

Re: [Python-Dev] Challenge: Please break this! [Now with blog post]

2009-02-23 Thread Martin v. Löwis
Don't I remember the previous restricted module dying a similar death of 1,000 cuts before it was concluded to be unsafe at any height and abandoned? I think you are slightly misremembering. It got cut again and again, but never died. Then, new-style classes hit an artery, and it bled to

Re: [Python-Dev] Challenge: Please break this! [Now with blog post]

2009-02-23 Thread tav
guido class S(str): guido ... def __eq__(self, o): print o; return 'r' == o guido [snip] Very devious -- @eichin and Guido! You guys get the prize for the cutest exploit yet -- but sadly no dinner or drinks -- that was just for the first crack -- which goes to Victor =) steve Don't I

Re: [Python-Dev] Challenge: Please break this! [Now with blog post]

2009-02-23 Thread Guido van Rossum
On Mon, Feb 23, 2009 at 3:16 PM, Martin v. Löwis mar...@v.loewis.de wrote: Don't I remember the previous restricted module dying a similar death of 1,000 cuts before it was concluded to be unsafe at any height and abandoned? I think you are slightly misremembering. It got cut again and again,

Re: [Python-Dev] Silencing IO errors on del/dealloc?

2009-02-23 Thread Neil Schemenauer
Guido van Rossum gu...@python.org wrote: No. Trust me. It is not always possible to strengthen the implementation. (At least not until we get rid of the "replace all globals with None upon module deletion" rule.) We should do that. Trying to do cleanup without globals sucks. I updated Armin's

Re: [Python-Dev] Silencing IO errors on del/dealloc?

2009-02-23 Thread Guido van Rossum
On Mon, Feb 23, 2009 at 3:33 PM, Neil Schemenauer n...@arctrix.com wrote: Guido van Rossum gu...@python.org wrote: No. Trust me. It is not always possible to strengthen the implementation. (At least not until we get rid of the "replace all globals with None upon module deletion" rule.) We

Re: [Python-Dev] Challenge: Please break this! (was: Reviving restricted mode)

2009-02-23 Thread Farshid Lashkari
It seems like some code in safelite passes a file object to isinstance. By overriding the builtin isinstance function I can get access to the original file object and create a new one. Here is the code I used: from safelite import FileReader _real_file = None def _new_isinstance(obj,types):

Re: [Python-Dev] Challenge: Please break this! (was: Reviving restricted mode)

2009-02-23 Thread Antoine Pitrou
Farshid Lashkari flashk at gmail.com writes: It seems like some code in safelite passes a file object to isinstance. By overriding the builtin isinstance function I can get access to the original file object and create a new one. Here is the code I used: I guess Tav should open a restaurant

Re: [Python-Dev] Challenge: Please break this! (was: Reviving restricted mode)

2009-02-23 Thread Victor Stinner
On Tuesday 24 February 2009 00:51:25 Farshid Lashkari, you wrote: It seems like some code in safelite passes a file object to isinstance. By overriding the builtin isinstance function I can get access to the original file object and create a new one. Wow, excellent idea! -- Victor

Re: [Python-Dev] Challenge: Please break this! [Now with blog post]

2009-02-23 Thread Victor Stinner
On Tuesday 24 February 2009 00:22:19 tav, you wrote: guido class S(str): guido ... def __eq__(self, o): print o; return 'r' == o guido [snip] Very devious -- @eichin and Guido! mode = str(mode) is not enough to protect FileReader against an evil object faking the 'r' string. Example

Re: [Python-Dev] Challenge: Please break this! [Now with blog post]

2009-02-23 Thread Greg Ewing
tav wrote: But that doesn't invalidate the model or the possibility of using it in Python. However, there's also the matter of whether it's *practical* to use the model in Python. The custom-string exploit illustrates that you have to be extremely careful what you do with, and what you assume

Re: [Python-Dev] Challenge: Please break this! (was: Reviving restricted mode)

2009-02-23 Thread Guido van Rossum
On Mon, Feb 23, 2009 at 4:06 PM, Victor Stinner victor.stin...@haypocalc.com wrote: On Tuesday 24 February 2009 00:51:25 Farshid Lashkari, you wrote: It seems like some code in safelite passes a file object to isinstance. By overriding the builtin isinstance function I can get access to

Re: [Python-Dev] Challenge: Please break this! [Now with blog post]

2009-02-23 Thread Victor Stinner
On Monday 23 February 2009 23:41:30, you wrote: http://tav.espians.com/a-challenge-to-break-python-security.html Please blog/retweet and of course, try the challenge yourselves =) The challenge can be seen as: is it possible to read the secret in the following code without using

Re: [Python-Dev] Challenge: Please break this! (was: Reviving restricted mode)

2009-02-23 Thread tav
Hey all, victor Could you keep all versions of safelite.py? I took Steven D'Aprano's advice and added a VERSION attribute and state the latest version on http://tav.espians.com/a-challenge-to-break-python-security.html Is that okay? antoine I guess Tav should open a restaurant :-) Hehe!!

Re: [Python-Dev] Challenge: Please break this! [Now with blog post]

2009-02-23 Thread tav
Hey Victor, You definitely got to the heart of the challenge. f.tell.__getattribute__('func_closure') But, have you actually run that code? Cos that doesn't work here... sorry if I missed something... -- love, tav plex:espians/tav | t...@espians.com | +44 (0) 7809 569 369

Re: [Python-Dev] Challenge: Please break this! [Now with blog post]

2009-02-23 Thread Victor Stinner
victor f.tell.__getattribute__('func_closure') tav But, have you actually run that code? Oops, I modified my local copy of safelite.py to disable func_xxx protections :-p With the latest version of safelite.py, my exploit doesn't work anymore. Sorry. -- Victor Stinner aka haypo

Re: [Python-Dev] Silencing IO errors on del/dealloc?

2009-02-23 Thread Neil Schemenauer
Guido van Rossum gu...@python.org wrote: So how do you get destructors to run in that case? Or do you just not run them? Then open files may not be closed and may not even see their buffer flushed. I'm not happy about that. Unfortunately I don't have an up-to-date understanding of the issues

Re: [Python-Dev] Challenge: Please break this! [Now with blog post]

2009-02-23 Thread Guido van Rossum
Another potential avenue for attacks: I can access the various class and metaclass objects easily: f = FileReader('/etc/passwd') f.__class__ <class 'safelite.NamespaceObject'> f.__class__.__metaclass__ <class 'safelite.NamespaceContext'> f.__class__.__metaclass__.__call__ <unbound method

Re: [Python-Dev] Challenge: Please break this! [Now with blog post]

2009-02-23 Thread tav
guido I can access the various class and metaclass objects guido easily [snip] It would've been possible to replace __call__ on the metaclass -- which, though not a security leak by itself, could've been abused for some fun. I've inlined the __metaclass__ to prevent fun of this kind. But