List comprehension - NameError: name '_[1]' is not defined ?

mario ruggier mario.ruggier at gmail.com
Fri Jan 16 08:09:51 CET 2009


On Jan 16, 2:30 am, ajaksu <aja... at gmail.com> wrote:
> On Jan 15, 8:21 pm, mario ruggier <mario.rugg... at gmail.com> wrote:
>
> > OK! Here's a small script to make it easier...
>
> Thanks! I think I found a quick way around the restrictions (correct
> me if I borked it), but I think you can block this example by
> resetting your globals/builtins:
>
> exprs = [
>     '(x for x in range(1)).gi_frame.f_globals.clear()',
>     'open("where_is_ma_beer.txt", "w").write("Thanks for the fun  ")'
> ]

Cool, the beer that is ;) Under 2.6... why does python allow the
f_globals lookup in this case, but for the previous example for
func_globals it does not?

If you look at the top of the file test/test_restricted.py, there is:

# Attempt at accessing these attrs under restricted execution on an
object
# that has them should raise a RuntimeError
RESTRICTED_ATTRS = [
    'im_class', 'im_func', 'im_self', 'func_code', 'func_defaults',
    'func_globals', #'func_name',
    #'tb_frame', 'tb_next',
    #'f_back', 'f_builtins', 'f_code', 'f_exc_traceback',
'f_exc_type',
    #'f_exc_value', 'f_globals', 'f_locals'
]

I have not yet finished working this list off to ensure that any
lookup of these attrs wherever they occur will be refused, but I guess
that would block this kind of lookup out. I should also block any
attempt to access any "gi_*" attribute... Laboriously doing all these
checks on each expr eval will be very performance heavy, so I hope to
be able to limit access to all these more efficiently. Suggestions?

Cheers, Mario

> Regards,
> Daniel




More information about the Python-list mailing list