Embedding Python in Python

Robey Holderith robey at slash_dev_slash_random.org
Wed Aug 18 23:03:27 CEST 2004


On Wed, 18 Aug 2004 19:44:47 +0000, JCM wrote:

> Paul Rubin <http://phr.cx@nospam.invalid> wrote:
>> JCM <joshway_without_spam at myway.com> writes:
>>> If you're concerned about security, another possibility is to parse
>>> the user's code and look for anything potentially dangerous.  You'll
>>> need to be aggressive, but I believe it's possible.  For example,
>>> disallow exec statements, the identifier "eval", any identifier of
>>> __this__ form, import statements, etc.  This is overly restrictive,
>>> but it will provide security.
> 
>> By the time you're done with all that, you may as well design a new
>> restricted language and interpret just that.
> 
>> Hint: 
>>   e = vars()['__builtins__'].eval
>>   print e('2+2')
> 
>> Even Java keeps getting new holes found, and Python is not anywhere
>> near Java when it comes to this kind of thing.
> 
> I don't think it's as difficult as you think.  Your snippet of code
> would be rejected by the rules I suggested.  You'd also want to
> prohibit other builtins like compile, execfile, input, reload, vars,
> etc.

I'm going to have to agree with Paul on this one.  I do not feel up to
the task of thinking of every possible variant of malicious code.  There
are far too many ways of writing the exact same thing.  I think it would
be much easier to write my own interpreter. 

-Robey





More information about the Python-list mailing list