Jp Calderone wrote:
> Probably not. For example:
>
>>>> (1).__class__.__bases__[0].__subclasses__()[-1]('/dev/null')
>
However:
py> eval("(1).__class__.__bases__[0]"
... ".__subclasses__()[16]('/dev/null')",
... dict(__builtins__={}))
Traceback (most recent call last):
Fil
Sorry, didn't mean to pester Jp
I have checked the archives, Rexec copies __builtins__, causing the del
__builtins__ issue. I'm modifying the lowest level__builtins__.
I am also using __getAttribute__ and __setAttr__, I could find no
mention of security holes on the lists.
Let me re-state the qu
[EMAIL PROTECTED] wrote:
> I had a quick look at the python source code and fileobject.c is one of
> the core classes which, I would imagine, is why a reference can be
> obtained. The other classes (method, dictionaries etc) don't look so
> much of a liability. I'll maybe try disabling the fopen
I had a quick look at the python source code and fileobject.c is one of
the core classes which, I would imagine, is why a reference can be
obtained. The other classes (method, dictionaries etc) don't look so
much of a liability. I'll maybe try disabling the fopen calls in
fileobject and see if it
On 11 May 2005 05:56:04 -0700, [EMAIL PROTECTED] wrote:
>Sorry, should maybe have used __import__ as an example.
>Let's say I grab import, store the reference within the Isolate class
>and then redirect the builtin import to a function in the Isolate class
>which only allows certain modules to be i
Sorry, should maybe have used __import__ as an example.
Let's say I grab import, store the reference within the Isolate class
and then redirect the builtin import to a function in the Isolate class
which only allows certain modules to be imported -eg not sys. Would
this be secure?
--
http://mai
On 11 May 2005 05:20:28 -0700, [EMAIL PROTECTED] wrote:
>If I replace the open builtin eg
>
>import main
>__main__.__builtins__.open=None
>
>Is there any way, from here on, to access the original open function??
>
>Extending this slightly, lets say I put a reference to the original
>open function i
If I replace the open builtin eg
import main
__main__.__builtins__.open=None
Is there any way, from here on, to access the original open function??
Extending this slightly, lets say I put a reference to the original
open function inside a class called Isolate and protect this reference
using __g
