From: "Frank Millman"
Newsgroups: comp.lang.python
To: python-list@python.org
Subject: Re: Question about importlib
Date: Sun, 8 Mar 2015 09:53:07 +0200

"Chris Angelico" wrote in message news:CAPTjJmrXp4MSO9f=xb_BRuPnRZ7XRKsKTkbFvo-e5N7Lr_MVVg@mail.gmail.com...

> On Sun, Mar 8, 2015 at 6:30 PM, Frank Millman wrote:
>> Actually, as I write this, I realise that there is a more important
>> question that had not occurred to me before. Is this a potential security
>> risk? My intention is that the caller would only call functions within my
>> own modules, but this could be used to call any arbitrary function.
>
> Here's an easy solution to both halves of your problem. It guarantees
> that arbitrary functions can't be called (or at least, that functions
> from arbitrary modules can't be called), and guarantees predictable
> performance:
>
> modules = {
>     "some_module": some_module,
>     "another_module": another_module,
> }
>
> module_name, func_name = func_name.rsplit('.', 1)
> module = modules.get(module_name)
> if module:
>     getattr(module, func_name)(caller, xml_elem)
> else:
>     # cope with invalid choice of module
>     raise ValueError("invalid module: %s" % module_name)
>
> You could programmatically populate the dictionary (eg from a list of
> acceptable module names) either with importlib or by pulling them from
> sys.modules. But whichever way you do it, you have an easy guarantee
> that arbitrary modules won't be imported, guaranteeing both security
> and performance in one stroke.

That is a neat solution.

Thanks, Chris

Frank
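The allowlist dispatch Chris describes, written out as a runnable example (added here; not code from either poster). The two modules, their functions and the `caller`/`xml_elem` arguments are constructed stand-ins, registered in `sys.modules` only so that the "populate the dictionary from a list of acceptable names with importlib" route can be shown as well. `unsafe_dispatch` is the unrestricted pattern Frank asked about, kept beside the allowlisted version so the difference is visible: with the allowlist, a reference to any module outside the dictionary is rejected before anything is imported. One caveat the thread does not mention: a module in the dictionary still exposes every attribute to `getattr`, including private helpers and dunders, so the example also rejects names starting with an underscore and anything that is not callable.

```python
import importlib
import sys
import types

# Constructed stand-ins for the application's own modules (the thread names
# them some_module / another_module only as placeholders). They are put in
# sys.modules so importlib.import_module can find them for build_allowlist().
some_module = types.ModuleType("some_module")
another_module = types.ModuleType("another_module")


def _greet(caller, xml_elem):
    return "greet:%s:%s" % (caller, xml_elem)


def _total(caller, xml_elem):
    return "total:%s:%s" % (caller, xml_elem)


some_module.greet = _greet
another_module.total = _total
some_module._internal = lambda caller, xml_elem: "internal"  # must stay unreachable
some_module.VERSION = "1.0"                                   # data, not callable
sys.modules["some_module"] = some_module
sys.modules["another_module"] = another_module


class DispatchError(ValueError):
    """Raised when a function reference is rejected by the allowlist."""


def build_allowlist(acceptable_module_names):
    """Build the module dictionary from a fixed list of acceptable names, as
    the thread suggests; nothing outside this list is ever imported."""
    return {name: importlib.import_module(name) for name in acceptable_module_names}


ALLOWED_MODULES = build_allowlist(["some_module", "another_module"])


def resolve(func_ref, allowed=ALLOWED_MODULES):
    """Turn "module.func" into a callable, accepting only an allowlisted
    module and a public, callable attribute of it."""
    parts = func_ref.rsplit(".", 1)
    if len(parts) != 2:
        raise DispatchError("expected 'module.func', got %r" % func_ref)
    module_name, func_name = parts
    module = allowed.get(module_name)
    if module is None:
        raise DispatchError("module %r is not allowlisted" % module_name)
    if func_name.startswith("_"):
        raise DispatchError("private name %r rejected" % func_name)
    func = getattr(module, func_name, None)
    if not callable(func):
        raise DispatchError("no public callable %r in %r" % (func_name, module_name))
    return func


def dispatch(func_ref, caller, xml_elem):
    """Allowlisted dispatch: resolve through the dictionary, then call."""
    return resolve(func_ref)(caller, xml_elem)


def is_allowed(func_ref):
    """True if func_ref would be dispatched, False if the allowlist rejects it."""
    try:
        resolve(func_ref)
    except DispatchError:
        return False
    return True


def unsafe_dispatch(func_ref, caller, xml_elem):
    """The unrestricted pattern from the question: import whatever module the
    caller names, so any importable module's functions become reachable."""
    module_name, func_name = func_ref.rsplit(".", 1)
    module = importlib.import_module(module_name)
    return getattr(module, func_name)(caller, xml_elem)


if __name__ == "__main__":
    print(dispatch("some_module.greet", "alice", "<elem/>"))
    print(unsafe_dispatch("operator.add", 2, 3))  # reaches the stdlib: 5
    print(is_allowed("operator.add"))             # allowlisted version: False
```

Because `ALLOWED_MODULES` is built once at import time, the per-request cost is a dictionary lookup plus one `getattr`, which is the predictable-performance half of Chris's point; the security half is that the reference string never reaches `importlib` at all.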