[Python-Dev] PEP 292 for Python 2.4

Jeff Epler jepler at unpythonic.net
Wed Jun 23 18:53:58 EDT 2004

What is the motivation for "safedict"?  I can imagine two uses.  One
seems like it could lead to some kind of security problem.

The "harmless" (?) use would be in debugging, so that the program would
continue when a key was missing, but the programmer could see after the
fact what that key was.

The harmful case would be one where the string is substituted in several
stages.  Just like % substitutions, $-substitutions are not safe for
repeated expansion.

Here's an example:
    def something(user_controlled_string):
        mypassword = "drowssap"
        bar = "1/8 x 1 inch aluminum bar"
        s = dstring("${foo} is {$bar}")
        s = s % safedict({'foo': user_controlled_string})
        s = s % nsdict()
        print s

The malicious user supplies user_controlled_string:
and gets back
    drowssap is 1/8 x 1 inch aluminum bar

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://mail.python.org/pipermail/python-dev/attachments/20040623/24763d81/attachment.bin

More information about the Python-Dev mailing list