[Web-SIG] Python pickle and web security.

René Dudfield renesd at gmail.com
Sat Sep 16 04:23:22 CEST 2006


That seems like a good way to stop the untrusted session store from
being able to inject sessions in there.  That could at least solve the
problem of using pickles from untrusted session stores.

Are you just using the basic Python types?  E.g. dict, string, list,
numbers, etc.?  If so, perhaps using another serialiser will remove some
more risk if you cared.


On 9/15/06, Python <python at venix.com> wrote:
> On Fri, 2006-09-15 at 18:29 +1000, René Dudfield wrote:
> > Hello,
> >
> > I posted this on my blog the other day about people using pickle for
> > sessions, but got no response.  Do you guys think using pickles for
> > sessions is an ok thing to do?
>
> Either encrypt the pickle or have a seeded (md5) signature so that you
> can verify that the pickle has not been tampered with.  I use pickles
> routinely, but with an md5 signature that combines a seed and the
> pickle.
>
> Someone cannot generate a valid signature without also knowing the seed.
> I am paranoid enough so that I only pickle dictionaries and then only
> extract and verify my list of expected keys after unpickling.  I can't
> prove that's secure, but I am not losing sleep over it.
>
> Presumably someone who knew the seed could generate a valid signature
> *and* inject code into the pickle that got executed by the unpickle
> operation.
>
> >
> >
> >
> >
> > ...........
> >
> > Some Python web frameworks are using pickle to store session data.
> > Pickle is a well known poor choice for secure systems. However it
> > seems to be more widely known by those writing network applications,
> > than those making web frameworks.
> >
> > Is your web framework using pickle for sessions despite the warnings
> > in the Python documentation about it being insecure?
> >
> > By using sessions with pickle people who can write to the database
> > server's session table can execute code on the app server. Or people
> > who can get data into the session file/memcache data store can execute
> > data.
> >
> > This might be an issue if the database server is run by separate
> > people than the app server. Or if the session table is compromised by
> > an sql injection attack elsewhere.
> >
> > There are some more secure ways of storing pickled data.
> >
> > Pickle is deemed to be untrustworthy for data. In that it is not
> > certain that code can not be snuck into the data that will be executed
> > by pickle. So if some data from user input is put into the pickle,
> > then it is possible that code could be run.
> >
> > There are some people who know more about how to exploit pickle,
> > however the warning in the Python documentation is this:
> >
> > """Warning:
> > The pickle module is not intended to be secure against erroneous or
> > maliciously constructed data. Never unpickle data received from an
> > untrusted or unauthenticated source."""
> >
> >
> > Cerealizer might be an alternative option...
> > http://home.gna.org/oomadness/en/cerealizer/index.html
> >
> > Or maybe these other two.
> > http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/415503
> > http://barnesc.blogspot.com/2006/01/rencode-reduced-length-encodings.html
> --
> Lloyd Kvam
> Venix Corp
>
>
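
Added example, not part of the original thread or any poster's code: the verify-before-deserialise pattern discussed above, sketched with two named substitutions, HMAC-SHA256 in place of the seeded md5 signature and JSON in place of pickle for basic types. `SEED`, `EXPECTED_KEYS`, `dump_session` and `load_session` are hypothetical names, and the seed value is constructed for the demo.

```python
import hashlib
import hmac
import json

SEED = b"constructed-demo-seed"      # assumption: loaded from secret storage in practice
EXPECTED_KEYS = ("user_id", "cart")  # hypothetical session fields


def _tag(body: bytes, seed: bytes) -> bytes:
    # Keyed MAC over the serialised bytes; hex so it never contains the "." separator.
    return hmac.new(seed, body, hashlib.sha256).hexdigest().encode("ascii")


def dump_session(data: dict, seed: bytes = SEED) -> bytes:
    """Serialise basic types as JSON and prepend the MAC: b"<hex tag>.<json>"."""
    body = json.dumps(data, sort_keys=True, separators=(",", ":")).encode("utf-8")
    return _tag(body, seed) + b"." + body


def load_session(blob: bytes, seed: bytes = SEED) -> dict:
    """Check the MAC before any parsing, then extract only the expected keys."""
    tag, sep, body = blob.partition(b".")
    if not sep:
        raise ValueError("malformed session blob")
    # Constant-time comparison; nothing from the store is parsed until this passes.
    if not hmac.compare_digest(tag, _tag(body, seed)):
        raise ValueError("bad signature")
    data = json.loads(body.decode("utf-8"))
    if not isinstance(data, dict):
        raise ValueError("session is not a dict")
    missing = [k for k in EXPECTED_KEYS if k not in data]
    if missing:
        raise ValueError("missing keys: %s" % ", ".join(missing))
    # Anything outside the expected key list is dropped rather than trusted.
    return {k: data[k] for k in EXPECTED_KEYS}


if __name__ == "__main__":
    blob = dump_session({"user_id": 7, "cart": ["a", "b"]})
    print(load_session(blob))
```

As the quoted reply notes, anyone who knows the seed can still produce a valid tag; with JSON in place of pickle, what such a party gains is forged session data rather than code execution in the deserialiser.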

