Chris Withers wrote at 2008-2-8 11:14 +0000:
>Dieter Maurer wrote:
>> It is easy to secure "eval":
>>    globs = {'__builtins__':{}}
>>    eval(s, globs, globs)
>> This ensures that "eval" cannot use any builtin functions --
>> especially, it cannot import anything.
>I'm fairly sure this isn't enough

That you are fairly sure is not enough -- unless you
show me an exploit....

>- google for the bugs in python's 
>rexec and bastion modules which lead to them being deprecated...

I speak only about "eval" (not "exec" or "rexec" nor "bastion").
In the "eval" world, you only have expressions.
And with the "__builtins__" above, you have no builtin functions,
no classes, no types -- you have just the literals the parser
can recognize: strings, integer, float, None, lists, tuples,
dicts, generators and the typical operators on them.

You are able to construct huge objects and can cause denial of service.
But this is possible even without "eval"....

Zope maillist  -
**   No cross posts or HTML encoding!  **
(Related lists - )

Reply via email to