[Python-Dev] Extending startup code: PEP needed?

M.-A. Lemburg mal@lemburg.com
2001-01-08 19:40:37 +0100


Guido van Rossum wrote:
> Discussions based on Python running as root and picking up untrusted
> code from $PYTHONPATH are pointless. Of course this is a security
> hole. If root runs *any* Python script in a way that could pick up
> even a single untrusted module, there's a security hole. site.py or
> *.pth files are just a special case of this, so I don't see why this
> is used as an example.

Agreed; see my reply to Martin.
Still, wouldn't it be wise to add some logic to Python to prevent
importing untrusted modules, e.g. by making sys.path read-only and
disabling the import hook usage using a command line?
This would at least prevent the most obvious attacks. I wonder how
RedHat works around these problems.
-- 
Marc-Andre Lemburg
______________________________________________________________________
Company: http://www.egenix.com/
Consulting: http://www.lemburg.com/
Python Pages: http://www.lemburg.com/python/
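
The exposure discussed in this message can be checked before a privileged script runs. The following is an added example, not part of the original post and not a feature of Python: rather than making sys.path read-only, it reports import path entries and *.pth files that an untrusted user could modify. The names `check`, `audit_path` and `trusted_uids` are hypothetical, and POSIX ownership and permission bits are assumed.

```python
import os
import stat
import sys

LOOSE = stat.S_IWGRP | stat.S_IWOTH  # writable by someone other than the owner


def check(path, trusted_uids):
    """Return a reason string if `path` can be changed by an untrusted user."""
    try:
        st = os.stat(path)
    except OSError:
        return None  # missing entries are skipped here
    if st.st_uid not in trusted_uids:
        return "owned by uid %d" % st.st_uid
    if st.st_mode & LOOSE:
        return "group- or world-writable (mode %o)" % stat.S_IMODE(st.st_mode)
    return None


def audit_path(entries, trusted_uids=(0,)):
    """Audit import path entries and any *.pth files directly inside them."""
    findings = []
    for entry in entries:
        entry = entry or os.getcwd()  # '' on sys.path means the current directory
        candidates = [entry]
        if os.path.isdir(entry):
            try:
                names = sorted(os.listdir(entry))
            except OSError:
                names = []  # unreadable directory: only the entry itself is checked
            candidates += [os.path.join(entry, n) for n in names if n.endswith(".pth")]
        for path in candidates:
            reason = check(path, trusted_uids)
            if reason:
                findings.append((path, reason))
    return findings


if __name__ == "__main__":
    # Assumption: root and the invoking user are the trusted owners.
    for path, reason in audit_path(sys.path, trusted_uids=(0, os.getuid())):
        print("UNTRUSTED %s: %s" % (path, reason))
```

A directory in a world-writable location with the sticky bit set is still reported, since any user can create new module files in it.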
