From: "Guido van Rossum" <guido@python.org> > > I have always wondered, why does both ``cPickle`` (which uses camel-style > > naming which I thought was a no-no) and ``Pickle``? They do exactly the > > same thing (in theory). > > pickle.py is the specification of the protocol; cPickle.c is a > reimplementation that's up to 1000x faster. I always prototype new > features in pickle.py. > > > Is there any other place where security has been built into > > something? Sounds like we should do a security inaudit (is that a > > word?) and rip out pretty much all security code. > > There's very little code devoted specifically to security. However, > there's a feature called "restricted mode", and in restricted mode, > certain introspections are disallowed. Restricted mode is on when a > particular stack frame's __builtins__ dictionary isn't the default one > (which is __builtin__.__dict__ -- note the difference between > __builtin__, which is a module, and __builtins__, which is a global > with magic meaning). Read the source for PyFrame_New(). > > It turns out that in 2.2 and beyond, not enough restrictions were > placed on disallowing new introspections that were enabled by virtue > of the class/type integration, and that's the cause of most rexec > vulnerabilities. you may want to look the places where PyEval_GetRestricted() is called, it is used to check whether restricted execution is in place. There are too few of those checks... and anyway blocking things in this adhoc way is a fragile strategy.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4