[Python-Dev] Python and Security
Simon Cozens simon@netthink.co.uk
Mon, 21 Jan 2002 00:11:27 +0000
- Previous message: [Python-Dev] Python and Security
- Next message: [Python-Dev] Re: Python and Security
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Sun, Jan 20, 2002 at 11:37:11PM +0100, Martin v. Loewis wrote:
> In my understanding, tainting is needed if you allow data received from remote to invoke arbitrary operations. In Python, there is only a short list where this might cause a problem:
> - invoking exec or eval on a string of unknown origin
> - unpickling an arbitrary string
> - performing getattr with a parameter of unknown origin.
From a Perl point of view, tainting is there to stop data received from outside from doing anything related to the system. This includes what you say, but goes further:
- open
- os.popen (in fact, most of os.*)
- socket (no, really) and everything that depends on it (urllib, etc.)
Since Python has rexec for this sort of thing, tainting may not be so important, but I think rexec goes too far. The idea of tainting is not to disallow using, say, arbitrary user input from CGI scripts as filenames - it's to help the programmer segregate which pieces of data need special treatment before being passed to these kinds of functions.
-- Rule the Empire through force. -- Shogun Tokugawa
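The distinction Simon draws above (taint marks where data came from; sinks such as open and os.popen refuse it until the programmer has explicitly validated it) can be sketched in pure Python. The following is an added example written for this page, not code from the thread, from rexec, or from Perl's interpreter; the Tainted class, untaint(), guard_sink() and the constructed CGI input are all illustrative names and data chosen here.

```python
"""Minimal taint tracking in the spirit of Perl's -T switch (illustrative, not Python's rexec).

Data from outside the program is wrapped in Tainted; system-touching sinks refuse Tainted
arguments; the only way to clear the mark is untaint(), where the caller states as a regex
what shape the value is allowed to have (Perl's "capture it and it is clean" rule).
"""
import functools
import re
import shlex


class TaintError(ValueError):
    """Raised when tainted data reaches a sink or fails validation."""


class Tainted(str):
    """A str that remembers it came from outside (CGI, socket, argv, ...)."""

    def __new__(cls, value, source="external"):
        obj = super().__new__(cls, value)
        obj.source = source
        return obj

    # As in Perl, anything derived from tainted data stays tainted.
    def __add__(self, other):
        if not isinstance(other, str):
            return NotImplemented
        return Tainted(str.__add__(self, other), self.source)

    def __radd__(self, other):
        if not isinstance(other, str):
            return NotImplemented
        return Tainted(str.__add__(other, self), self.source)


def is_tainted(value):
    return isinstance(value, Tainted)


def untaint(value, pattern):
    """Clear the taint only if the whole value matches an explicit allow-list regex."""
    m = re.fullmatch(pattern, value)
    if m is None:
        raise TaintError(f"{str(value)!r} does not match {pattern!r}")
    return str(m.group(0))  # plain str: no longer tainted


def guard_sink(name):
    """Decorator for system-touching functions: refuse any tainted argument."""
    def deco(fn):
        @functools.wraps(fn)
        def wrapper(*args, **kwargs):
            for a in list(args) + list(kwargs.values()):
                if is_tainted(a):
                    raise TaintError(f"{name}: refusing tainted value {str(a)!r} from {a.source}")
            return fn(*args, **kwargs)
        return wrapper
    return deco


# Constructed stand-in for open(path).read(), so the example runs offline.
CONSTRUCTED_FILES = {"/etc/app/prod.conf": "mode=prod", "/etc/app/dev.conf": "mode=dev"}


@guard_sink("open")
def read_config(path):
    return CONSTRUCTED_FILES.get(path, "")


@guard_sink("os.popen")
def popen_argv(command):
    """Stand-in for os.popen(command): return the argv a shell would see instead of running it."""
    return shlex.split(command)


def parse_query(qs):
    """Parse 'a=b&c=d' the way a CGI front end would, marking every value as tainted."""
    params = {}
    for pair in qs.split("&"):
        key, _, value = pair.partition("=")
        params[key] = Tainted(value, source="CGI query string")
    return params


def handle_request(qs):
    """Return (raw_value_accepted, config_text) for a request like 'env=prod'."""
    env = parse_query(qs).get("env", Tainted(""))
    try:
        read_config("/etc/app/" + env + ".conf")  # taint propagates through concatenation
        raw_accepted = True
    except TaintError:
        raw_accepted = False
    clean_env = untaint(env, r"[a-z]{1,16}")  # rejects '../../etc/passwd', shell metacharacters, etc.
    return raw_accepted, read_config("/etc/app/" + clean_env + ".conf")
```

Two caveats a practitioner should keep in mind. First, only the methods overridden on Tainted propagate the mark; str.lower(), slicing, %-formatting and f-strings all return a plain str and silently launder the taint, which is exactly why Perl does this inside the interpreter rather than in library code. Second, the sinks are only as safe as the allow-list regex passed to untaint(); a permissive pattern such as `.*` reproduces the original problem with a false sense of safety.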