Diff for "Security" - Python Wiki

Differences between revisions 10 and 11

Notes about Python Security.

tav's jail

Nicole King (cats-muvva.net) wrote a taint mode for CPython 3.0: Python Taint Management.

Problems:

amaury: The patch is indeed huge!
fijall: it seems that every function that returns a PyObject must be modified
fijall: need to patch (...) all places that might modify anything. (All side effects)

=> ncoghlan: PyPy is still a *much* better platform for that kind of experimentation than CPython

See also the presentation: Securing Python: Controling the abilities of the interpreter, PyCon US 2007, Brett Cannon and Eric Wohlstadter

Some members:

Email: security AT python.org

PyPy project: PyPy's sandboxing features.
CapPython is an object-capability subset of Python, inspired by Joe-E and Caja/Cajita, which are object-capability subsets of Java and Javascript respectively.

os.kill(), os.chown(), os.unlink(), ...
imageop: many bugs
- CVE-2007-4965: Integer overflow in imageop module (2007-09 .. 2008-08)
- Buffer overflow in imageop module (rgb2rgb8): fixed in Python 2.6.1 and Python 3.0

Victor Stinner wrote a fuzzer called Fusil to test Python. It already helped to fix many bugs. fusil-python works on Python 2.4 .. 3.0.

-  ⇤ ← Revision 10 as of 2009-02-24 18:14:01 → 
  Size: 2452
  Editor: hachoir
  Comment:
+   ← Revision 11 as of 2009-02-24 18:16:38 → ⇥
  Size: 2677
  Editor: hachoir
  Comment:
-Deletions are marked like this.
+Additions are marked like this.
 Line 2:
+== tav's jail ==

http://tav.espians.com/a-challenge-to-break-python-security.html

 * Remove evil attributes like frame.f_globals or object.__subclasses__
 * Remove evil builtins like compile(), import() or reload()