Greg Ewing wrote: > Type "help", "copyright", "credits" or "license" for more information. >>>> (3).__class__.__bases__[0].__subclasses__()[-3] > <type 'file'> Wow, this almost made me fall out of my chair! I use a whitelist technique to disallow calls to all builtins, but I had no idea you could do this. Thanks for that! However, when I tried to exploit this in my level file format, I got: IOError: file() constructor not accessible in restricted mode So I guess it's more complicated than that. It looks like calling eval() or execfile() puts code in "restricted mode" regardless, and disallows file construction period. To quote Steven Bethard on comp.lang.python: "I believe the official stance is something like: 'Well restricted mode probably works in a lot of cases, but we're not confident enough in it (having found bugs in it over and over) that we'd suggest it for production use.'" >> That's the reason why restricted execution was withdrawn from the >> stdlib. Nobody seems to care about security enught to handle this >> (rather difficult) problem. > > That's not entirely true -- there are efforts underway to > come up with a new model for sandboxed execution. It'll probably > be a while before anything usable comes out of that, though. Where can I find information on these efforts? Ethan
Attachment:
signature.asc
Description: OpenPGP digital signature