> > [rexec compromised by deleting __builtins__] > > > > This has been known for a while, see python.org/sf/577530. > > > > My recommendation is the same as always: don't trust rexec. > > > > --Guido van Rossum (home page: http://www.python.org/~guido/) > > I think it is a VERY BAD idea to advertise publicly that rexec can be > used to "safely" restrict execution, while privately (ie, the above > postings to a developers-only list and to sourceforge). > > Therefore I propose that the official documentation to the Python > Library Reference for the module rexec be modified to add a note saying > that rexec is not completely reliable and can be undermined by a > knowledgable hacker. The current documentation STRONGLY implies this is > NOT the case by explaining in detail the more minor susceptibility to > DOS attacks (memory or CPU time) and raising SystemExit. > > Why not add something like the following to the beginning of the module > documentation: > > """ > Warning: While the rexec module is designed to perform as described > below, it does have a few known vulnerabilities which could be exploited > by carefully written code. Thus it should not be relied upon in > situations requiring "production ready" security. In such situations, > execution via sub-processes (a separate Python executable) or very > careful "cleansing" of data to be processed may be necessary. > Alternatively, help in patching known rexec vulnerabilities would be > welcomed. > """ > > Admitting to library weaknesses (especially in the area of security) > doesn't make great PR, but at least it's honest! Yes. This should be done. --Guido van Rossum (home page: http://www.python.org/~guido/)
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4