On 05.09.20 03:24, Chris Angelico wrote:
> But don't expect that to actually be secure. It mitigates SOME security 
> threats.
> 
> I think Python would do very well to have a "restricted evaluation"
> function. Looking at the source code for literal_eval, it doesn't seem
> too hard to add a check alongside the Constant handler to say "if it's
> Name, context Load, look up the name in the provided dict".

It is harder than you think. Try ast.literal_eval('+1'*1000000). It
crashes before you start to walk the AST tree.

You need to implement at least your own AST parser in pure Python to
make a safer eval. And there are other vectors of attack (for example
via the string-to-integer converter).
_______________________________________________
Python-ideas mailing list -- [email protected]
To unsubscribe send an email to [email protected]
https://mail.python.org/mailman3/lists/python-ideas.python.org/
Message archived at 
https://mail.python.org/archives/list/[email protected]/message/PGNKU7IAEXSGPVSAH4O5UHQCJNEZY4KQ/
Code of Conduct: http://python.org/psf/codeofconduct/
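The bound the message points at, as an added example that is not from the thread or from CPython: a wrapper that caps input length before ast.parse is even called (the crash happens in the parser, ahead of any AST walk), checks node types and nesting with a non-recursive walk, and turns every resource error into one rejection. The limits, function names and exception class are my own choices.

```python
import ast


class RejectedInput(ValueError):
    """Input refused before or during evaluation (reason in the message)."""


# Node types that may appear in a literal; mirrors what ast.literal_eval
# accepts (containers, numbers, strings, signs and complex sums), plus the
# Expression root and the Load context that container nodes carry.
_ALLOWED = (ast.Expression, ast.Load, ast.Constant, ast.Tuple, ast.List,
            ast.Set, ast.Dict, ast.UnaryOp, ast.UAdd, ast.USub,
            ast.BinOp, ast.Add, ast.Sub)


def check_shape(tree, max_depth):
    """Reject disallowed node types and over-deep nesting.
    Walks with an explicit stack, so the check itself cannot hit the
    recursion limit no matter how deep the tree is."""
    stack = [(tree, 0)]
    while stack:
        node, depth = stack.pop()
        if depth > max_depth:
            raise RejectedInput(f"nesting deeper than {max_depth}")
        if not isinstance(node, _ALLOWED):
            raise RejectedInput(f"disallowed node {type(node).__name__}")
        stack.extend((child, depth + 1) for child in ast.iter_child_nodes(node))


def guarded_literal_eval(text, max_len=4096, max_depth=32):
    """ast.literal_eval with resource bounds applied before parsing."""
    # The size cap is the part that matters: the parser and AST builder run
    # before any whitelist can look at the tree, so oversized input must be
    # refused before it reaches them. It also bounds the cost of the
    # quadratic decimal string-to-int conversion for long digit runs.
    if len(text) > max_len:
        raise RejectedInput(f"input longer than {max_len} characters")
    try:
        tree = ast.parse(text, mode="eval")
    except (SyntaxError, ValueError, RecursionError, MemoryError) as exc:
        raise RejectedInput(f"parse failed: {type(exc).__name__}") from exc
    check_shape(tree, max_depth)
    try:
        return ast.literal_eval(tree)
    except (ValueError, TypeError, RecursionError, MemoryError) as exc:
        raise RejectedInput(f"evaluation failed: {type(exc).__name__}") from exc


def rejection_reason(text, **limits):
    """Return the rejection message for text, or None if it was accepted."""
    try:
        guarded_literal_eval(text, **limits)
    except RejectedInput as exc:
        return str(exc)
    return None
```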