Most Pythonic way to store (small) configuration

Michael Torrie torriem at gmail.com
Wed Aug 5 03:32:06 CEST 2015


On 08/04/2015 01:59 PM, Ben Finney wrote:
> marco.nawijn at colosso.nl writes:
> 
>> Why not use Python files itself as configuration files?
> 
> Because configuration data will be user-editable. (If it's not
> user-editable, that is itself a poor design choice.)
> 
> If you allow executable code to be user-edited, that opens your program
> to arbitrary injection of executable code. Your program becomes wide
> open for security exploits, whether through malicious or accidental
> bugs, and simple human error can lead to arbitrary-scope damage to the
> user's system.

We need to state the context here.  The only context in which having a
Python config file is dangerous is when the python program runs as a
different user/privilege than the owner of the config file.  If the user
owns the python files as well as the config file then none of this matters.

In most cases, I've never bought the argument you and others are making
here about security and demanding yet another DSL.  In fact I find the
argument to be rather circular in that we're dealing with programs that
aren't compiled but written in Python anyway. I can open and edit any
python file in the project that I want and make arbitrary, possibly
"malicious" changes to it! Oh no!  The idea that a malicious user could
inject python code in this instance and somehow deliberately harm the
system is kind of silly if you think about it.  It's me that's running
the python code in the first place. I could open any file and change it.
 I'm already running arbitrary code.

If I'm talking about a system service that is doing things for non-root
users, then yeah I'll agree with your argument completely.  But not for
most other situations.  Even a system service, if the config file is
owned by root, I'm okay with using python as configuration.  Because if
root's compromised, all bets are off anyway and all the python scripts
could be modified.

In fact python as configuration works very well for my purposes, and it
works well for Django, and there are many other projects that also do
this.  I don't think you'd want to use any other mechanism for
configuring Django, frankly.  I'm a bit surprised no one has mentioned
Django in this discussion yet.

In many of my projects I put basic config variables in a file like
config.py and import that in each module that needs it.  The config
module doubles as a global namespace for sharing between modules as well.





More information about the Python-list mailing list