[Python-Dev] PEP 292 for Python 2.4
Jeff Epler
jepler at unpythonic.net
Wed Jun 23 18:53:58 EDT 2004
What is the motivation for "safedict"? I can imagine two uses. One
seems like it could lead to some kind of security problem.
The "harmless" (?) use would be in debugging, so that the program would
continue when a key was missing, but the programmer could see after the
fact what that key was.
The harmful case would be one where the string is substituted in several
stages. Just like % substitutions, $-substitutions are not safe for
repeated expansion.
Here's an example:
def something(user_controlled_string):
mypassword = "drowssap"
bar = "1/8 x 1 inch aluminum bar"
s = dstring("${foo} is {$bar}")
s = s % safedict({'foo': user_controlled_string})
s = s % nsdict()
print s
The malicious user supplies user_controlled_string:
http://python.example.com/something?user_controlled_string=%24mypassword
and gets back
drowssap is 1/8 x 1 inch aluminum bar
Jeff
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://mail.python.org/pipermail/python-dev/attachments/20040623/24763d81/attachment.bin
More information about the Python-Dev
mailing list