Security implications of using open() on untrusted strings.

Terry Reedy tjreedy at
Mon Nov 24 17:54:14 CET 2008

r0g wrote:

> Yep, I spotted that too which is why white-listing is my fallback plan.
> My question is really about the security of using unfiltered data in a
> filesystem function though. Are there particular exploits that could
> make use of such unfiltered calls?

The classic one would be submitting a filename such as 'a'*1000, but 
current OSes should be immune from that sort of thing by now.

> For example I'd imagine jailbreaking
> might be a concern if the app isn't run under its own restricted user
> account. Do others here consider this when designing applications and
> what techniques/modules, if any, do you use to sanitize path/filename input?
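
An added example, not part of the original thread: one way to combine the white-listing mentioned above with a length cap and a check that the resolved path stays inside a base directory before calling open(). The policy constants, function names and sample names are assumptions made for this illustration.

```python
import os
import re
import tempfile

# Assumed policy, not from the thread: ASCII letters, digits, '.', '_' and '-',
# no leading '.', and at most 255 bytes (a common per-component limit).
ALLOWED_NAME = re.compile(r"[A-Za-z0-9_][A-Za-z0-9._-]*\Z")
MAX_NAME_BYTES = 255


def resolve_untrusted(base_dir, name):
    """Return the absolute path of `name` inside `base_dir`, or raise ValueError."""
    if not isinstance(name, str) or not name:
        raise ValueError("empty or non-string name")
    if len(name.encode("utf-8", "replace")) > MAX_NAME_BYTES:
        raise ValueError("name too long")
    if not ALLOWED_NAME.match(name):
        raise ValueError("name has characters outside the whitelist")
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, name))
    # realpath() follows symlinks, so a link inside base_dir that points
    # elsewhere is rejected here even though its name passes the whitelist.
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError("path escapes the base directory")
    return candidate


def is_accepted(base_dir, name):
    """True if resolve_untrusted() accepts the name, False if it rejects it."""
    try:
        resolve_untrusted(base_dir, name)
        return True
    except ValueError:
        return False


def demo():
    """Check constructed sample names against a temporary base directory."""
    samples = ["report.txt", "a" * 1000, "../etc/passwd", "/etc/passwd", ".hidden", "link"]
    with tempfile.TemporaryDirectory() as base, tempfile.TemporaryDirectory() as outside:
        os.symlink(outside, os.path.join(base, "link"))  # constructed symlink escape
        return {name: is_accepted(base, name) for name in samples}


if __name__ == "__main__":
    for name, ok in demo().items():
        print("accept" if ok else "reject", repr(name[:40]))
```

The check and the later open() are separate steps, so this assumes no other process can change the contents of the base directory in between.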

