Taint Mode in Python 3.0
Dear All, I have published the diff for my implementation of tainted mode in Python for R3.0 (released version) at http://www.cats-muvva.net/software/. Look at the bottom the page. I apologise for past problems accessing this web site: I hope to have resolved all the issues with it. Nicole
When I try to run this, I get: Fatal Python error: Py_Initialize: can't initialize sys standard streams Traceback (most recent call last): File "/home/fijal/lang/python/Python30/Lib/encodings/__init__.py", line 31, in <module> File "/home/fijal/lang/python/Python30/Lib/codecs.py", line 1060, in <module> TaintError: using tainted data Aborted Are there any tests what it should do? Didn't find it in a diff On Thu, Dec 4, 2008 at 7:36 PM, Nicole King <nicole@cats-muvva.net> wrote:
Dear All,
I have published the diff for my implementation of tainted mode in Python for R3.0 (released version) at http://www.cats-muvva.net/software/. Look at the bottom the page. I apologise for past problems accessing this web site: I hope to have resolved all the issues with it.
Nicole _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/fijall%40gmail.com
Hello, On Thu, Dec 4, 2008 at 19:36, Nicole King <nicole@cats-muvva.net> wrote:
Dear All,
I have published the diff for my implementation of tainted mode in Python for R3.0 (released version) at http://www.cats-muvva.net/software/. Look at the bottom the page. I apologise for past problems accessing this web site: I hope to have resolved all the issues with it.
The patch is indeed huge! it seems that every function that returns a PyObject must be modified. And it seems very difficult to check for its correctness. Did you look at the Pypy project? The C code of the interpreter is generated, and it already proposes a "Taint" option at translation time. http://codespeak.net/pypy/dist/pypy/doc/objspace-proxies.html#taint With only 300 lines of elegant python code... -- Amaury Forgeot d'Arc
Hello, The thing is pypy's taint code is broken. Basically you don't only need to patch all places that return pyobject, but also all places that might modify anything. (All side effects) For example innocently looking call to addition might end up calling arbitrary python code (and have arbitrary side effects). There is a question how do you approach such things? Cheers, fijal On Fri, Dec 5, 2008 at 12:29 AM, Amaury Forgeot d'Arc <amauryfa@gmail.com> wrote:
Hello,
On Thu, Dec 4, 2008 at 19:36, Nicole King <nicole@cats-muvva.net> wrote:
Dear All,
I have published the diff for my implementation of tainted mode in Python for R3.0 (released version) at http://www.cats-muvva.net/software/. Look at the bottom the page. I apologise for past problems accessing this web site: I hope to have resolved all the issues with it.
The patch is indeed huge! it seems that every function that returns a PyObject must be modified. And it seems very difficult to check for its correctness.
Did you look at the Pypy project? The C code of the interpreter is generated, and it already proposes a "Taint" option at translation time. http://codespeak.net/pypy/dist/pypy/doc/objspace-proxies.html#taint With only 300 lines of elegant python code...
-- Amaury Forgeot d'Arc _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/fijall%40gmail.com
Maciej Fijalkowski wrote:
Hello,
The thing is pypy's taint code is broken. Basically you don't only need to patch all places that return pyobject, but also all places that might modify anything. (All side effects) For example innocently looking call to addition might end up calling arbitrary python code (and have arbitrary side effects). There is a question how do you approach such things?
Taint isn't an easy problem, but PyPy is still a *much* better platform for that kind of experimentation than CPython. RPython, objects spaces, the code generation, etc all give you much more powerful tools to play with than the raw C code of the reference interpreter. Cheers, Nick. -- Nick Coghlan | ncoghlan@gmail.com | Brisbane, Australia ---------------------------------------------------------------
participants (4)
-
Amaury Forgeot d'Arc -
Maciej Fijalkowski -
Nick Coghlan -
Nicole King