[Python-Dev] Security capabilities in Python
Michael Hudson
mwh at python.net
Sat Apr 9 20:13:04 CEST 2005
Jp Calderone <exarkun at divmod.com> writes:
> Does using the gc module to bypass this security count? If so:
>
> exarkun at boson:~$ python -i facet.py
> >>> import gc
> >>> c = readonly_facet.__getattr__.func_closure[1]
> >>> r = gc.get_referents(c)[0]
> >>> r.n = 'hax0r3d'
> >>> readonly_facet.value()
> 'hax0r3d'
> >>>
>
> This is the easiest way of which I know to bypass the use of cells
> as a security mechanism. I believe there are other more involved
> (and fragile, probably) ways, though.

The funniest I know is part of PyPy:

def extract_cell_content(c):
    """Get the value contained in a CPython 'cell', as read through
    the func_closure of a function object."""
    # yuk! this is all I could come up with that works in Python 2.2 too
    class X(object):
        def __eq__(self, other):
            self.other = other
    x = X()
    x_cell, = (lambda: x).func_closure
    x_cell == c
    return x.other

It would be unfortunate for PyPy (and IMHO, very un-pythonic) if this
process became impossible.

Cheers,
mwh

--
Java sucks. [...] Java on TV set top boxes will suck so hard it
might well inhale people from off their sofa until their heads
get wedged in the card slots. --- Jon Rabone, ucam.chat
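
Added example, not part of the original message and not PyPy's or the thread's own code: a Python 3 check that a closure-based facet does not hide its target, using the two routes discussed above (`gc.get_referents` and cell comparison) plus the `cell_contents` attribute. The thread's facet.py is not shown, so `Counter`, `make_readonly_facet` and `reachable_routes` are hypothetical names constructed for this illustration.

```python
import gc


class Counter:
    """Constructed stand-in for the object a facet is meant to protect."""

    def __init__(self, n):
        self.n = n


def make_readonly_facet(target):
    """Hypothetical facet: hands out a getter and keeps `target` in a closure."""
    def value():
        return target.n
    return value


def via_cell_contents(cell):
    # Python 3 exposes the cell's value directly as an attribute.
    return cell.cell_contents


def via_gc(cell):
    # Route from the quoted session: the GC reports what the cell refers to.
    return gc.get_referents(cell)[0]


def via_compare(cell):
    # Route from the PyPy helper: comparing two cells compares their contents,
    # so the probe's __eq__ is handed the hidden value as `other`.
    class Probe:
        def __eq__(self, other):
            self.other = other
            return False

    probe = Probe()
    probe_cell, = (lambda: probe).__closure__
    probe_cell == cell
    return probe.other


def reachable_routes(func, obj):
    """Report, per route, whether `obj` can be recovered from func's closure."""
    routes = {"cell_contents": via_cell_contents, "gc": via_gc,
              "compare": via_compare}
    return {name: any(read(cell) is obj for cell in func.__closure__ or ())
            for name, read in routes.items()}
```

Any route reporting `True` means code holding only the facet can also reach the underlying object, so the closure is an encapsulation convenience and not an access-control boundary.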