[Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)
Isaac Morland
ijmorlan at uwaterloo.ca
Tue Apr 12 06:21:04 EDT 2016
On Tue, 12 Apr 2016, Jon Ribbens wrote:
>> This is still a massive game of whack-a-mole.
>
> No, it still isn't. If the names blacklist had to keep being extended
> then you would be right, but that hasn't happened so far. Whitelists
> by definition contain only a small, limited number of potential moles.
>
> The only thing you found above that even remotely approaches an
> exploit is the decimal.getcontext() thing, and even that I don't
> think you could use to do any code execution.
"I don't think"?
Where's the formal proof?
Without a proof, this is indeed just a game of whack-a-mole.
I don't "think" Python is a suitable foundation for a sandboxing system
intended for security purposes, but my "think" won't lead to security
holes whereas yours will. So, I would respectfully suggest that unless
you increase the rigour of your effort substantially, it is not
worthwhile. Python is great for lots of applications already - there is
no need to force it into unsuitable problem domains.
Isaac Morland CSCF Web Guru
DC 2619, x36650 WWW Software Specialist
More information about the Python-Dev
mailing list