[Python-3000] Immutable bytes type and bsddb or other IO (original) (raw)
Guido van Rossum guido at python.org
Tue Aug 28 17:51:41 CEST 2007
- Previous message: [Python-3000] Immutable bytes type and bsddb or other IO
- Next message: [Python-3000] Immutable bytes type and dbm modules
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 8/27/07, Gregory P. Smith <greg at krypto.org> wrote:
I'm sure the BerkeleyDB library is not expecting the data passed in as a lookup key to change mid database traversal. No idea if it'll handle that gracefully or not but I wouldn't expect it to and bet its possible to cause a segfault and/or irrepairable database damage that way. The same goes for any other C APIs that you may pass data to that release the GIL.
In the case of BerkeleyDB I find this a weak argument -- there are so many other things you can do to that API from Python that might cause it to go beserk, that mutating the bytes while it's looking at them sounds like a rather roundabout approach to sabotage.
Now, in general, I'm the first one to worry about techniques that could let "pure Python" code cause a segfault, but when using a 3rd party library, there usually isn't a choice.
Yet another thing is malignant data, but that's not the case here -- you would have to actively write evil code to trigger this condition. So I don't see this as a security concern (otherwise the mere existence of code probably would qualify as a security concern ;-).
IOW I'm not worried. (Though I'm not saying I would reject a patch that adds the data locking facility to the bytes type. :-)
-- --Guido van Rossum (home page: http://www.python.org/~guido/)
- Previous message: [Python-3000] Immutable bytes type and bsddb or other IO
- Next message: [Python-3000] Immutable bytes type and dbm modules
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]