Convert String to Dictionary question
Jason Orendorff
jason at jorendorff.com
Mon Feb 25 20:11:18 EST 2002
Fredrik Lundh wrote:
> it's fairly trivial to construct a pickle string that calls
> eval or os.system with arbitrary arguments.
Andrew Dalke wrote:
> In http://groups.google.com/groups?selm=9slgqh%24ffm%241%40slb2.atl.mindspring.net&output=gplain
> I show how to delete an arbitrary file using pickle (note:
> doesn't work with cPickle, but there are many other attacks I
> didn't try).
For what it's worth, *this* particular hole seems to have been
patched. But pickle can still call class constructors and
__setstate__ methods and so forth, and it seems to me that
plenty of standard lib constructors do at least a little disk
access and socket stuff. So it's still not safe.
(in Python 2.2)
>>> t = "(S'filename.txt'\012p1\012ios\012unlink\012p2\012(dp3\012b."
>>> pickle.loads(t)
pickle.UnpicklingError:
<built-in function unlink> is not safe for unpickling
>>> cPickle.loads(t)
cPickle.UnpicklingError:
<built-in function unlink> is not safe for unpickling
## Jason Orendorff http://www.jorendorff.com/