[Python-ideas] Executable space protection: NX bit,
Jonathan Fine
jfine2358 at gmail.com
Mon Sep 3 09:08:38 EDT 2018
Wes Turner wrote
> - Separation of executable code and non-executable data is a good thing.
> - Additional security in Python is a good idea.
> - Python should support things like the NX bit to separate code and non-executable data.
When I saw this, I thought at first it was about preventing tricks such as
def ask_save(): print('Save all files?')
def ask_delete(): print('Delete all files?')
>>> ask_save()
Save all files?
>>> ask_delete()
Delete all files?
# Evil code!
ask_delete.__code__, ask_save.__code__ = ask_save.__code__,
ask_delete.__code__
>>> ask_save()
Delete all files?
>>> ask_delete()
Save all files?
Any code that can directly call fn() and gn() can play this trick!
--
Jonathan
More information about the Python-ideas
mailing list