Guido van Rossum wrote:
> On Mon, Feb 23, 2009 at 3:16 PM, "Martin v. Löwis" <martin at v.loewis.de> wrote:
>
>>> Don't I remember the previous restricted module dying a similar "death
>>> of 1,000 cuts" before it was concluded to be unsafe at any height and
>>> abandoned?
>>>
>> I think you are slightly misremembering. It got cut again and again,
>> but never died. Then, new-style classes hit an artery, and it bled
>> to death.
>>
>> I'm curious how this one fares.
>>
>
> FWIW, I am remembering more about how Samuele cracked it. It had to do
> with getting the supervisor code to call one of its own functions with
> arguments provided by the sandboxed code. Tav's safelite.py doesn't
> seem to be directly exploitable that way because (using ctypes hacks)
> it *removes* some offending special methods. But that door would be at
> least slightly ajar with Tav's proposed patch to Python, as that
> doesn't remove the offending attributes (__subclasses__ etc.); it only
> forbids them in restricted mode. But this once again enables Samuele's
> hack. (Oh if I only could find the link with the actual attack -- it
> was quite a bit more devious than attacks linked to so far.)
>
> http://mail.python.org/pipermail/python-dev/2003-March/033978.html