minimum install & pickling

Aaron "Castironpi" Brady castironpi at
Wed Sep 17 07:26:43 CEST 2008

Sometimes questions come up on here about unpickling safely and
executing foreign code.  I was thinking a minimum install that didn't
even have access to modules like 'os' could be safe.   (Potentially.)
I have time to entertain this a little, though all the devs are busy.
I can bring it up again in a few months if it's a better time.

I browsed for info on 'rexec'.  Two c-l-py threads:

A lot of modules would have to go.  <Long list>  IPC modules:
subprocess, socket, signal, popen2, asyncore, asynchat.  ctypes, mmap,
platform.popen, glob, shutil, dircache, and many more</Long>.

I tested it out.  I renamed the 'Lib' directory and ran.

'import site' failed; use -v for traceback
Python 2.5.2 (r252:60911, Feb 21 2008, 13:11:45) [MSC v.1310 32 bit
(Intel)] on
Type "help", "copyright", "credits" or "license" for more information.
>>> import os
ImportError: No module named os
>>> import socket
ImportError: No module named socket
>>> del __builtins__.__import__
>>> __import__
NameError: name '__import__' is not defined
>>> del, __builtins__.file
>>> open
NameError: name 'open' is not defined
>>> file
NameError: name 'file' is not defined

Even a function created from raw bytecode string can't do anything
without __import__ or 'open'.  And you can't get a second instance
running without subprocess or os.system.

'rexec' may be full of swiss cheese and irreparable, but maybe it
would work to start from bare-bones and add pieces known to be safe.
This sort of thing wouldn't need and standard library support either,
I don't think.

More information about the Python-list mailing list