Executing untrusted code

Emanuele D'Arrigo manu3d at gmail.com
Thu Aug 20 17:16:51 CEST 2009


Sorry for digging this back from the grave.
I've had to chew on it for a little while.

On Aug 8, 1:40 am, Nobody <nobody at nowhere.com> wrote:
> If you want to support restricted execution within a language, it
> has to be built into the language from day one. Trying to bolt it > on later is a fool's errand.

Fair enough. In this context, let's say I do this:

import __builtin__
import imp
originalBuiltins = imp.new_module("OriginalBuiltins")

def readOnlyOpen(filename):
    return originalBuiltins.open(filename, "r")

__builtin__.open = readOnlyOpen

exec(anUntrustedString, {})

In what ways would the untrusted string be able to obtain the
original, built-in open function and open a file for writing?

Manu




More information about the Python-list mailing list