* Jakub Wilk <jw...@debian.org>, 2014-02-13, 00:27:
The CGI's code is supposed to be safeguarding against abuse,
The protection is not very good. (I'll disclose the details later.)
The exploit I had in mind was:
import re
from re import sys
imp = re.sys.modules['imp']
posix = imp.load_dynamic('', 'posix')
which gives you access to the goodies of the posix module. There's a
resource limit that prevents you from opening any file, but you can do
chmod(), chown(), remove(), rename(), kill(), …
Apparently this is now fixed:
https://github.com/pgbovine/OnlinePythonTutor/commit/eab7cb1c717a
I wouldn't be surprised if there were other clever ways to bypass OPT's
security restrictions, and upstream doesn't seem to confident about this
code either.
--
Jakub Wilk
--
To UNSUBSCRIBE, email to debian-python-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140409121133.ga2...@jwilk.net
