Is there any safe way to create an instance of an untrusted class
without consulting the class in any way? With old-style classes, I can
recreate an instance from another one without worrying about malicious
code (ignoring, for now, malicious code involving attribute access) as
shown below. import types
class Foo:
.... def __init__(self, who, knows, what, args):
.... self.mystery_args = (who, knows, what, args)
.... print "Your code didn't expect the Spanish inquisition!"
.... f = Foo('spam','eggs','ham','bacon') # This would be in a restricted environment, though.
Your code didn't expect the Spanish inquisition! types.InstanceType(Foo, f.__dict__) # This wouldn't, but we never run that code, anyways.
<__main__.Foo instance at 0x008B5FD0>
I'm not sure how to do the same for new-style classes, if it's at all
possible to do from within Python. Is there any way to accomplish this,
or is there no practical way to do so?
Thanks,
- Devan 5  1227 
"Devan L" <de****@gmail.com> writes: Is there any safe way to create an instance of an untrusted class
Why are you instantiating classes you don't trust?
without consulting the class in any way?
If you don't "consult the class", how can the instance be created
properly?
--
\ "It's easy to play any musical instrument: all you have to do |
`\ is touch the right key at the right time and the instrument |
_o__) will play itself." -- Johann Sebastian Bach |
Ben Finney
Ben Finney wrote: "Devan L" <de****@gmail.com> writes:
Is there any safe way to create an instance of an untrusted class
Why are you instantiating classes you don't trust?
without consulting the class in any way?
If you don't "consult the class", how can the instance be created
properly?
When my program runs (CGI), the following happens:
* User enters source, which is executed in a restricted environment,
which unserializes a previously serialized environment if there is one.
* The restricted environment is serialized, including any instances
they may have instantiated.
So when I unserialize their instances, I have to recreate them, but
without calling any of their code (I can't run the unserializing code
in a restricted environment). Instances of old-style classes can be
created without touching the actual old-style class code, but I'm not
sure how, if it's possible, to do the same with new-style classes
- Devan
Devan L wrote: Is there any safe way to create an instance of an untrusted class
without consulting the class in any way? With old-style classes, I can
recreate an instance from another one without worrying about malicious
code (ignoring, for now, malicious code involving attribute access) as
shown below.
import types
class Foo: ... def __init__(self, who, knows, what, args):
... self.mystery_args = (who, knows, what, args)
... print "Your code didn't expect the Spanish inquisition!"
... f = Foo('spam','eggs','ham','bacon') # This would be in a restricted environment, though. Your code didn't expect the Spanish inquisition! types.InstanceType(Foo, f.__dict__) # This wouldn't, but we never run that code, anyways. <__main__.Foo instance at 0x008B5FD0>
I'm not sure how to do the same for new-style classes, if it's at all
possible to do from within Python. Is there any way to accomplish this,
or is there no practical way to do so?
Thanks,
- Devan
class A(object):
.... def __init__(self, *args):
.... self.args = args
.... print "Calling __init__"
.... a = A("new","style")
Calling __init__ b = object.__new__(A)
b.__dict__ = a.__dict__.copy()
b.args
('new', 'style') type(a) is type(b)
True
HTH
Michael
Michael Spencer wrote: Devan L wrote: Is there any safe way to create an instance of an untrusted class
without consulting the class in any way? With old-style classes, I can
recreate an instance from another one without worrying about malicious
code (ignoring, for now, malicious code involving attribute access) as
shown below.
[snip my example]
I'm not sure how to do the same for new-style classes, if it's at all
possible to do from within Python. Is there any way to accomplish this,
or is there no practical way to do so?
Thanks,
- Devan
>>> class A(object):
... def __init__(self, *args):
... self.args = args
... print "Calling __init__"
... >>> a = A("new","style") Calling __init__ >>> b = object.__new__(A)
>>> b.__dict__ = a.__dict__.copy()
>>> b.args ('new', 'style') >>> type(a) is type(b) True >>>
HTH
Michael
Thanks, now I just have to figure out all the meddling small details I
put off before!
-Devan
Michael Spencer wrote: >>> class A(object): ... >>> b = object.__new__(A)
Note that you'll need to be a bit cleverer if the
class might be derived from some other built-in
type:
class A(list):
.... pass
.... b = object.__new__(A)
Traceback (most recent call last):
File "<stdin>", line 1, in ?
TypeError: object.__new__(A) is not safe, use list.__new__() b = list.__new__(A)
b
[]
I'm not sure what is the easiest way to figure out
what base class to use, though. One way would be
to work your way backwards along the __mro__ until
one of them succeeds, but there's probably a more
direct way.
--
Greg This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: PerfectDayToChaseTornados |
last post by:
Hi All, I was wondering what peoples opinions, or experience were with
creating instances by reflection. How expensive is the following code? It is
from a factory class, I was wondering whether to...
|
by: Jim Dabell |
last post by:
I'm in the middle of writing a small app for Linux that needs to create
directories that take their names from untrusted data. If possible, I'd
like to preserve special characters rather than...
|
by: Sean R. Lynch |
last post by:
I've been playing around with Zope's RestrictedPython, and I think I'm
on the way to making the modifications necessary to create a
capabilities-based restricted execution system. The idea is to...
|
by: Altramagnus |
last post by:
I have 30 - 40 type of different window.
For each type I need about 20 instances of the window.
When I try to create them, I get "Error creating window handle"
My guess is there is a maximum...
|
by: nog |
last post by:
What's the best approach to creating many objects of a
class?
I have in mind using something analogous to a table to hold
the data - which is in a form similar to (char name, char
address, date...
|
by: Jim Washington |
last post by:
I'm still working on yet another parser for JSON (http://json.org). It's
called minjson, and it's tolerant on input, strict on output, and pretty
fast. The only problem is, it uses eval(). It's...
|
by: Adam |
last post by:
Hi all,
I need to create a bunch of class instances as myapp runs, but I want to
avoid code like this:
Dim oUser1 as new User
Dim oUser2 as new User
Dim oUser3 as new User
Dim oUser4 as new...
|
by: Ben |
last post by:
Hello,
I've been developing apps in Delphi for years and have just started
writing my first big project in c# + ms .net and have some questions
about security and untrusted code.
I've got an...
|
by: Joseph Gruber |
last post by:
Ok, so I'm about to go nuts. Here's the background -- My Documents is
redirected to a network location and My Documents is an offline
folder. So my projects location is located in my (network) My...
|
by: Andrey Fedorov |
last post by:
Is the scope of a closure accessible after it's been created? Is it
safe against XSS to use closures to store "private" auth tokens? In
particular, in...
....can untrusted code access...
|
by: CloudSolutions |
last post by:
Introduction:
For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
|
by: Faith0G |
last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
|
by: ryjfgjl |
last post by:
In our work, we often need to import Excel data into databases (such as MySQL, SQL Server, Oracle) for data analysis and processing. Usually, we use database tools like Navicat or the Excel import...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: aa123db |
last post by:
Variable and constants
Use var or let for variables and const fror constants.
Var foo ='bar';
Let foo ='bar';const baz ='bar';
Functions
function $name$ ($parameters$) {
}
...
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
| |
