"Chris Angelico" <ros...@gmail.com> wrote in message news:CAPTjJmrXp4MSO9f=xb_brupnrz7xrksktkbfvo-e5n7lr_m...@mail.gmail.com...

> On Sun, Mar 8, 2015 at 6:30 PM, Frank Millman <fr...@chagford.com> wrote:
>> Actually, as I write this, I realise that there is a more important question
>> that had not occurred to me before. Is this a potential security risk? My
>> intention is that the caller would only call functions within my own
>> modules, but this could be used to call any arbitrary function.
>
> Here's an easy solution to both halves of your problem. It guarantees
> that arbitrary functions can't be called (or at least, that functions
> from arbitrary modules can't be called), and guarantees predictable
> performance:
>
> modules = {
>     "some_module": some_module,
>     "another_module": another_module,
> }
>
> module_name, func_name = func_name.rsplit('.', 1)
> module = modules.get(module_name)
> if module:
>     getattr(module, func_name)(caller, xml_elem)
> else:
>     raise ValueError("invalid choice of module")  # cope with invalid choice of module
>
> You could programmatically populate the dictionary (eg from a list of
> acceptable module names) either with importlib or by pulling them from
> sys.modules. But whichever way you do it, you have an easy guarantee
> that arbitrary modules won't be imported, guaranteeing both security
> and performance in one stroke.
That is a neat solution. Thanks, Chris

Frank

--
https://mail.python.org/mailman/listinfo/python-list
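A runnable version of the dispatcher Chris sketches, added here as an example and not code from the thread; `some_module`, `another_module` and their handlers are constructed stand-ins. It goes one step beyond the reply: `getattr` on an allow-listed module still reaches any callable attribute of that module, including callables it merely imported, so the block also shows an optional per-function allowlist (`ALLOWED`) that closes that gap.

```python
"""Allow-listed dispatch of 'module.function' strings (example, not thread code)."""
import types

# Constructed stand-in modules; the thread's real some_module/another_module
# are not shown, so these are hypothetical.
some_module = types.ModuleType("some_module")
another_module = types.ModuleType("another_module")


def greet(caller, xml_elem):
    return f"{caller}:{xml_elem}"


some_module.greet = greet
another_module.shout = lambda caller, xml_elem: f"{caller}:{xml_elem}".upper()
# A callable the module happens to hold (e.g. something it imported) but
# never intended to expose as a handler; reachable through getattr alone.
some_module.imported_helper = lambda caller, xml_elem: "reachable via getattr"

# Module allowlist, as in Chris's reply.
MODULES = {"some_module": some_module, "another_module": another_module}

# Optional tighter layer: which function names each module may expose.
ALLOWED = {"some_module": {"greet"}, "another_module": {"shout"}}


def dispatch(spec, caller, xml_elem, allowed=None):
    """Call the function named by spec ('module.func'), restricted to MODULES
    and, when `allowed` is given, to the per-module function allowlist."""
    if "." not in spec:
        raise ValueError(f"invalid spec {spec!r}: expected 'module.function'")
    module_name, func_name = spec.rsplit(".", 1)
    module = MODULES.get(module_name)
    if module is None:
        raise ValueError(f"unknown module {module_name!r}")  # invalid choice of module
    if allowed is not None and func_name not in allowed.get(module_name, ()):
        raise ValueError(f"function {func_name!r} not permitted in {module_name!r}")
    func = getattr(module, func_name, None)
    if not callable(func):
        raise ValueError(f"no callable {func_name!r} in {module_name!r}")
    return func(caller, xml_elem)
```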