pickle and security
Ben Hutchings
do-not-spam-ben.hutchings at businesswebsoftware.com
Fri Apr 11 05:56:30 EDT 2003
In article <m3wui2gjuw.fsf at mira.informatik.hu-berlin.de>, Martin v. Löwis wrote:
> "Jason Miller" <jmiller at physics.purdue.edu> writes:
>
>> As I understand it, the major security issue with unpickling untrusted
>> sources is that it may cause python to instantiate objects, calling
>> constructors that could do just about anything. If I only want to
>> unpickle objects that are not class instances, and (using cPickle) I set
>> find_global to None, are there any security concerns that remain?
>
> Depending on your version of cPickle, it also contains a call to eval,
> to unpickle a string. This is believed to be safe (as only safe
> strings are passed to eval), but you may want to review that specific
> fragment of code.
What about the attack suggested in
<mailman.1049909846.24938.python-list at python.org> (which is to use
"".__class__.__class__.__subclasses__("".__class__.__base__) to access
supposedly inaccessible classes)?
More information about the Python-list
mailing list