[Python-Dev] Python and Security

Aahz Maruch aahz@rahul.net
Sun, 20 Jan 2002 17:38:59 -0800 (PST)


Barry A. Warsaw wrote:
> >>>>> "MvL" == Martin v Loewis <martin@v.loewis.de> writes:
> 
>     | - invoking exec or eval on a string of unknown origin
>     | - unpickling an arbitrary string
>     | - performing getattr with a parameter of unknown origin.
> 
> Don't forget os.system(), popen(), and friends, i.e. passing
> unsanitized strings to the shell.  In my long rusty Perl
> experience, this was the most common reason to use taint strings.

More precisely, because Perl culture developed as a superset of shell
scripts, it used to be all-too-common for Perl scripts to get their data
by parsing the output of a Unix utility (instead of calling a library
function directly).  This necessarily spawned a subshell where malicious
input could be a security problem.  (When I was learning Perl, the
available books often taught this programming style.)

I've heard that Perl culture has changed, but the taint capability is
still there because too many Perlers stick to their trusty poor habits.

Pythonistas, of course, never learned bad habits.  ;-)
-- 
                      --- Aahz (@pobox.com)

Hugs and backrubs -- I break Rule 6       <*>       http://www.rahul.net/aahz/
Androgynous poly kinky vanilla queer het Pythonista

We must not let the evil of a few trample the freedoms of the many.
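
The os.system()/popen() hazard raised above, and Aahz's alternative of
calling a library function instead of parsing a utility's output, as an
added Python example (not code from the thread or from the Python project).
The two filenames are constructed test data; the "ls -l" command is only a
stand-in for whatever utility a script might shell out to. The command count
uses shlex with punctuation_chars, which is an approximation of how /bin/sh
would tokenize the string, not a full shell parser.

```python
"""Untrusted strings and the shell: string gluing vs. argv lists vs. no shell at all."""
import os
import shlex
import stat
import subprocess
import tempfile

# Constructed inputs: an ordinary filename and one carrying shell metacharacters.
BENIGN_NAME = "report.txt"
HOSTILE_NAME = "report.txt; rm -rf ~"


def unsafe_command(filename: str) -> str:
    """The os.system()/popen() habit: glue untrusted text into a shell command."""
    return "ls -l " + filename


def shell_command_count(command: str) -> int:
    """Count how many commands /bin/sh would see in `command`.

    shlex with punctuation_chars=True returns ';', '|', '&', '&&', '||' as
    separate tokens (and respects quoting), which is enough to show where a
    second command has been smuggled in.  This is an approximation, not sh.
    """
    lexer = shlex.shlex(command, posix=True, punctuation_chars=True)
    tokens = list(lexer)
    separators = sum(1 for tok in tokens if tok in (";", "|", "||", "&", "&&"))
    return separators + 1


def safe_argv(filename: str) -> list:
    """argv list for subprocess: no shell is involved, so the filename is exactly
    one argument whatever characters it contains.  '--' stops ls from treating
    a name that begins with '-' as an option."""
    return ["ls", "-l", "--", filename]


def quoted_command(filename: str) -> str:
    """If a shell really is unavoidable, shlex.quote() makes the name one word."""
    return "ls -l -- " + shlex.quote(filename)


def run_listing(filename: str) -> subprocess.CompletedProcess:
    """How to spawn the utility if you must: list argv, shell=False (the default)."""
    return subprocess.run(safe_argv(filename), capture_output=True, text=True, check=False)


def file_size_via_library(directory: str, filename: str) -> int:
    """Aahz's point: call the library function instead of parsing `ls -l`.
    os.stat() spawns no subshell, so there is nothing for hostile input to inject into."""
    info = os.stat(os.path.join(directory, filename))
    if not stat.S_ISREG(info.st_mode):
        raise ValueError(f"not a regular file: {filename!r}")
    return info.st_size


def demo() -> dict:
    """Create a file whose name contains shell metacharacters and measure it
    without touching a shell; also report what each command-building style
    would hand to /bin/sh.  (Temporary directory is constructed and removed.)"""
    with tempfile.TemporaryDirectory() as tmp:
        with open(os.path.join(tmp, HOSTILE_NAME), "wb") as fh:
            fh.write(b"twelve bytes")
        size = file_size_via_library(tmp, HOSTILE_NAME)
    return {
        "unsafe_commands": shell_command_count(unsafe_command(HOSTILE_NAME)),  # 2
        "quoted_commands": shell_command_count(quoted_command(HOSTILE_NAME)),  # 1
        "argv_len": len(safe_argv(HOSTILE_NAME)),                              # 4
        "size": size,                                                          # 12
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The lesson is in the three numbers: the glued string turns one command into
two, the quoted string and the argv list keep it at one argument regardless of
the filename, and the os.stat() call removes the shell (and the output
parsing) entirely.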