[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [pygame] From * import * and Pygame2exe

To: pygame-users@xxxxxxxx
Subject: Re: [pygame] From * import * and Pygame2exe
From: Andre Roberge <andre.roberge@xxxxxxxxx>
Date: Wed, 20 Jul 2005 14:22:52 -0300
Delivered-to: archiver@seul.org
Delivered-to: pygame-users-outgoing@seul.org
Delivered-to: pygame-users@seul.org
Delivery-date: Wed, 20 Jul 2005 13:23:48 -0400
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=PA0gNBuwYdBNvZbEpNoIRBopGzfWd2fVf3HLW1x7OHigTxEFSnLMeCriD3BA14TPKYer1d340FXwt3Tb1a9PVq4/WQpJYc0NjtXHPyh9hNqOcAE8c27RnkN/I/y8N7csBYZ6fjqIhtak8Nmo5oBHV9gaULkTG6sK0WCBVtRN2ig=
In-reply-to: <2c43defd05072009387c1fd46b@mail.gmail.com>
References: <1243.165.121.82.234.1121702161.squirrel@165.121.82.234> <2c43defd05071809025ac0ad47@mail.gmail.com> <383b6d6f050718135154416901@mail.gmail.com> <1121871485.7900.27.camel@localhost.localdomain> <383b6d6f05072008245487fbe9@mail.gmail.com> <2c43defd05072009387c1fd46b@mail.gmail.com>
Reply-to: pygame-users@xxxxxxxx
Sender: owner-pygame-users@xxxxxxxx

On 7/20/05, Sami Hangaslammi <sami.hangaslammi@xxxxxxxxx> wrote:
> On 7/20/05, andrew baker <failrate@xxxxxxxxx> wrote:
> > Well, I was also thinking about running a validator somewhere in there
> > that would only allow a specific set of commands for the level
> > modules.  For example, no one should be executing file operations or
> > sys commands from within a level logic block.  In fact, they should
> > only be doing namespace data operations, comparisons and iterations.
> 
> You probably already know this, but it's fiendishly difficult to
> validate Python code like that if you are using the builtin compiler.
> The new Pythons don't have any builtin restricted execution tools
> anymore and plain string/regexp matching will probably let something
> slip (there are so many different ways to e.g. get reference to the
> os.system function).
> 
> The most realistic options are probably analyzing the abstract syntax
> tree or the compiled bytecodes. I've personally used bytecodes to
> validate untrusted Python expressions by restricting the allowed
> bytecodes to very basic operations (settings variable values mainly)
> and by restricting values for specific bytecodes (e.g. you could
> restrict the LOAD_NAME bytecode to only work on a handful of
> predefined names).
> 
> --
> Sami Hangaslammi
> 
How about doing something like the following:

def isFileSafe(file_to_import):
....unsafe = "".join(contents)
....unsafe = unsafe.replace("(", " (")
....unsafe = unsafe.split()
....bad_keywords = ["chr", "exec", "eval", "input", "raw_input",
"import", "file", "open"]
....for word in bad_keywords:
........if word in safe_list:
............return False
....return True

[add in a regular expression search for any "magic" python "word" of the form
__aName__, i.e. lead and followed by two underscores -- something I can't do on 
the spot :-(]

and only allow importing levels (through execfile()) if it's deemed to be safe?

André

Follow-Ups:
- Re: [pygame] From * import * and Pygame2exe
  - From: Sami Hangaslammi

References:
- [pygame] From * import * and Pygame2exe
  - From: kschnee
- Re: [pygame] From * import * and Pygame2exe
  - From: Sami Hangaslammi
- Re: [pygame] From * import * and Pygame2exe
  - From: andrew baker
- Re: [pygame] From * import * and Pygame2exe
  - From: Dan
- Re: [pygame] From * import * and Pygame2exe
  - From: andrew baker
- Re: [pygame] From * import * and Pygame2exe
  - From: Sami Hangaslammi

Prev by Author: Re: [pygame] New pygame tutorial: feedback wanted
Next by Author: Re: [pygame] Re: introduction and isometric library
Previous by thread: Re: [pygame] From * import * and Pygame2exe
Next by thread: Re: [pygame] From * import * and Pygame2exe
Index(es):
- Author
- Thread