tav <t...@espians.com>
> But the challenge was about doing `from safelite import FileReader`.

Though it doesn't say so on the first post on this thread nor your page at
  http://tav.espians.com/a-challenge-to-break-python-security.html

It says "Now find a way to write to the filesystem from your
interpreter". Which is what I did.  Who's to say your final
implementation will be more secure ;)

But I see your point. Perhaps update the description for those
misguided souls like me?

> This is just a challenge to see if the model holds

I haven't been watching this discussion closely and I can't find
mention of this - is the goal to support only 2.x or also support
Python 3? Your model seems to assume 2.x only, and there may be 3.x
attacks that aren't considered in the challenge.

For example, in Python 3 I would use the __traceback__ method of the
exception object to reach in and get the open function.  That seems
morally equivalent to what I did.

I hacked out the parts of safelite.py which wouldn't work in Python 3.
Following is a variation on the theme.

import safelite

try:
    safelite.FileReader("/dev/null", "r", "x")
except TypeError as err:
    frame = err.__traceback__.tb_next.tb_frame
    frame.f_locals["open_file"]("test.txt", "w").write("done.")


> And instead of trying to make tb_frame go away, I'd like to add the
> following to my proposed patch of RESTRICTED attributes:
>
> * f_code
> * f_builtins
> * f_globals
> * f_locals

which of course would make the above no longer work.

Cheers,

                                Andrew
                                da...@dalkescientific.com
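Added here as a worked example (not Andrew's code and not safelite's): a self-contained model of the traceback walk above, a defender-side audit of which frames on an exception's traceback hand out a capability, and a trust-boundary wrapper that truncates the traceback before it crosses into untrusted code. `open_file`, `file_reader`, `guarded_reader`, `frames_exposing` and `probe` are constructed names standing in for the real safelite pieces.

```python
import io

def open_file(path, mode):
    # In-memory stand-in for the builtin open(), so nothing touches the disk.
    return io.StringIO()

def file_reader(path, mode):
    # Constructed stand-in for safelite.FileReader: the capability is bound
    # to a local of this trusted frame, which is exactly what the probe in
    # the post reaches via err.__traceback__.tb_next.tb_frame.f_locals.
    open_file_cap = open_file
    if mode != "r":
        raise TypeError("FileReader is read-only")
    return open_file_cap(path, "r")

def guarded_reader(path, mode):
    # Trust-boundary wrapper: the inner exception is replaced by a fresh one
    # raised *outside* the except block, so the new traceback starts in this
    # frame and no __context__/__cause__ link points back at file_reader.
    clean = None
    try:
        return file_reader(path, mode)
    except TypeError as err:
        clean = TypeError(str(err))
    raise clean

def frames_exposing(exc, names):
    """Defender-side audit: walk exc.__traceback__ and report, per frame,
    which of `names` are reachable through f_locals or f_globals."""
    report = {}
    tb = exc.__traceback__
    while tb is not None:
        frame = tb.tb_frame
        via_locals = sorted(n for n in names if n in frame.f_locals)
        via_globals = sorted(n for n in names if n in frame.f_globals)
        if via_locals or via_globals:
            report[frame.f_code.co_name] = (via_locals, via_globals)
        tb = tb.tb_next
    return report

def probe(reader):
    # Plays the sandboxed caller: trigger the TypeError, then audit which
    # frames on the resulting traceback expose the capability.
    try:
        reader("/dev/null", "w")
    except TypeError as err:
        return frames_exposing(err, {"open_file", "open_file_cap"})
    return {}
```

The audit still reports `open_file` through f_globals on the guarded path, which is why the proposed patch restricts f_globals and not only f_locals.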
_______________________________________________
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev