Alternatives for pickle?

Michael Foord fuzzyman at gmail.com
Wed Oct 13 10:17:02 CEST 2004


<exarkun at divmod.com> wrote in message news:<mailman.4762.1097602721.5135.python-list at python.org>...
> On 12 Oct 2004 08:25:10 -0700, fuzzyman at gmail.com (Michael Foord) wrote:
> >Antoon Pardon <apardon at forel.vub.ac.be> wrote in message news:<slrncmkgq0.54i.apardon at rcpc42.vub.ac.be>...
> > > I'm writing a little game, a gridler application, where you
> > > can turn pixmaps into puzzle's and try to solve them. I already
> > > have the data structure for such a puzzle worked out, one of
> > > the problems is writing it to a file and reading it back in.
> > > 
> > > I first went to the pickle module but there I read this.
> > > 
> > > | Warning: The pickle module is not intended to be secure against
> > > | erroneous or maliciously constructed data. Never unpickle data
> > > | received from an untrusted or unauthenticated source.
> > > 
> > 
> > Hmmm..... I wonder how easy it is to craft a malicious pickle that
> > will automatically run code objects just because they are unpickled.
> > My guess is that it's quite difficult - I've never heard of it *ever*
> > being done. Someone would have to be *very* malicious to work out how
> > to do it on the off chance of planting a back door into someone's
> > machine through a program like yours. No offence intended, but if they
> > were going to go to all that effort I expect they might aim for
> > something with a wider audience.
> 
>   It's absolutely positively trivial.  It took me about 30 seconds to come up with this pickle, about a year ago:
> 
>   'c__builtin__\neval\np0\n(S"__import__(\'os\').system(\'touch blah\')"\np1\ntp2\nRp3\n.'
> 
>   Anyone with moderate knowledge of pickle is capable of constructing something similar.
> 
>   Jp

And that pickle is run just by being unpickled ? Far out - I'll have
to have a look at it...

Regards,

Fuzzy

http://www.voidspace.org.uk/atlantibots/pythonutils.html



More information about the Python-list mailing list