[Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)
Victor Stinner
victor.stinner at gmail.com
Tue Apr 12 08:24:31 EDT 2016
More information about the Python-Dev mailing list
Tue Apr 12 08:24:31 EDT 2016
- Previous message (by thread): [Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)
- Next message (by thread): [Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
2016-04-12 14:18 GMT+02:00 Jon Ribbens <jon+python-dev at unequivocal.co.uk>: > The question is: with a minimal (or empty) set of builtins, and a > restriction on ast.Name and ast.Attribute nodes, can exec/eval be > made 'safe' so they cannot execute code outside the sandbox. According to multiple exploits listed in this thread, no, it's not possible. > If anyone had managed to find any more examples of holes in the > original featureset after the first couple then I would agree with > you, but they haven't. See my latest exploit using functools.update_wrapper() + A.__setattr__() ;-) >> As others pointed out, this particular approach (with maybe >> different details) has been tried again and again and again > > This simply isn't true either. As far as I can see, only > RestrictedPython has tried anything remotely similar, and > to the best of my ability to determine, that project is not > considerd a failure. IMHO nobody seriously audited RestrictedPython. It doesn't mean that it's secure. When it was created, security was less important than nowadays. Victor
- Previous message (by thread): [Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)
- Next message (by thread): [Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Python-Dev mailing list