Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #60639
| From | Ned Batchelder <ned@nedbatchelder.com> |
|---|---|
| Subject | Re: '_[1]' in .co_names using builtin compile() in Python 2.6 |
| Date | 2013-11-27 16:26 -0500 |
| References | <6cdefe87-5703-4caf-91c0-b4a02674a1e5@googlegroups.com> <l75jhi$o7r$1@ger.gmane.org> <CALvWhxuHaTgnsjOOEVjZ2Ejd9V5MGNWuxjY71J12ZCKxCz+Rug@mail.gmail.com> |
| Newsgroups | comp.lang.python |
| Message-ID | <mailman.3322.1385587627.18130.python-list@python.org> (permalink) |
On 11/27/13 3:44 PM, Chris Kaynor wrote: > On Wed, Nov 27, 2013 at 12:09 PM, Ned Batchelder <ned@nedbatchelder.com > <mailto:ned@nedbatchelder.com>> wrote: > > * Is there perhaps a better way to achieve what I'm trying to do? > > What I'm really after, is to check that python expressions > embedded in text files are: > - well behaved (no syntax errors etc) > - don't accidentally access anything it shouldn't > - I serve them with the values they need on execution > > > I hope you aren't trying to prevent malice this way: you cannot > examine a piece of Python code to prove that it's safe to execute. > For an extreme example, see: Eval Really Is Dangerous: > http://nedbatchelder.com/blog/__201206/eval_really_is___dangerous.html > <http://nedbatchelder.com/blog/201206/eval_really_is_dangerous.html> > > In your environment it looks like you have a whitelist of > identifiers, so you're probably ok. > > > I just tested the crash example from that link in Python 2.7.5 win64 and > the co_names from the compiled code is empty. Therefore, a simple > whitelist would not catch that problematic code (and likely any other > global access done correctly). Even a simple test of making sure that at > least one (or any number of) valid identifier exists would be > insufficent, as you can merely tack on a ",a" to add "a" to the > co_names, and thus for any other variable. Ah, right you are! I neglected to go back and examine the dangerous code. So eval really is dangerous! --Ned. > > Basically, even with a pure whitelist, there is likely no possible way > to make eval/exec safe, unless you also eliminate the ability to make > literals. > > Chris > >
Back to comp.lang.python | Previous | Next — Previous in thread | Next in thread | Find similar | Unroll thread
'_[1]' in .co_names using builtin compile() in Python 2.6 "magnus.lycka@gmail.com" <magnus.lycka@gmail.com> - 2013-11-27 11:40 -0800
Re: '_[1]' in .co_names using builtin compile() in Python 2.6 Ned Batchelder <ned@nedbatchelder.com> - 2013-11-27 15:09 -0500
Re: '_[1]' in .co_names using builtin compile() in Python 2.6 "magnus.lycka@gmail.com" <magnus.lycka@gmail.com> - 2013-11-28 03:17 -0800
Re: '_[1]' in .co_names using builtin compile() in Python 2.6 Ian Kelly <ian.g.kelly@gmail.com> - 2013-11-27 13:23 -0700
Re: '_[1]' in .co_names using builtin compile() in Python 2.6 Chris Kaynor <ckaynor@zindagigames.com> - 2013-11-27 12:44 -0800
Re: '_[1]' in .co_names using builtin compile() in Python 2.6 Ned Batchelder <ned@nedbatchelder.com> - 2013-11-27 16:26 -0500
Re: '_[1]' in .co_names using builtin compile() in Python 2.6 Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2013-11-27 22:08 +0000
csiph-web