Comments (3)
@jmdejong Well, open()
might be useful. It is a security risk only to the extent that user is permitted by the file system to read/write, right?
That said, I suppose it could be removed...
from asteval.
Most use cases for asteval that I can think of would have files with private data on the same filesystem.
A likely usecase for asteval would be a game that allows scripting. In this example, the same filesystem (with the same user permissions) might contain a file with the passwords of the players.
A second problem is that this can easily exceed the max_time.
Reading from /dev/urandom
will never finish, and because it doesn't pass through run
the max_time check will not be able to stop it.
from asteval.
Most use cases for asteval that I can think of would have files with private data on the same filesystem.
Wouldn't that always be the case?
A likely usecase for asteval would be a game that allows scripting. In this example, the same filesystem (with the same user permissions) might contain a file with the passwords of the players.
Well, asteval
is designed to allow an "outer, wrapping" program to do calculations using strings input by outside users. Those strings have to be viewed by the outer program as untrusted or perhaps "trusted" in the sense that the outer program is willing to take that input passed in by users and run it through asteval
s interpreter.
The outer program might want to allow users to open files. It might also want to restrict which files it can open. It might want to run under some special user account (say, "apache" or "nobody") that cannot access some files based on file system permissions. Those are all possible.
open
is just a symbol in asteval
s symbol table that points to Python's open
function. It can be replaced with a different function or removed from that symbol table. FWIW, if using numpy
, there are also functions load
and loadtxt
that can also access the disk.
A second problem is that this can easily exceed the max_time.
Reading from /dev/urandom will never finish, and because it doesn't pass through run the max_time check will not be able to stop it.
max_time
is deprecated. It is actually not possible for a single Python process to have a runtime restriction. Once Python enters C code (as with any i/o or even a potentially long running calculation like 777), the Python interpreter is stuck and there is no way out from that process.
To restrict resource hogging, you would have to use a supervisory process to check (for example) that the asteval-running outer process had not returned (for example, writing a heartbeat message), and act on that. There really isn't anything we can add to asteval itself to aid that. That is, a long running asteval calculation might be in some asteval for-loop and returning to asteval code (in which case a max_time
mechanism might work), but it might be stuck in C code (like pow() or i/o).
from asteval.
Related Issues (20)
- Supporting lambda expressions HOT 2
- Python 3.10: test_kaboom fails with IndexError HOT 4
- Import error with python 3.7 due to missing import.metadata HOT 5
- Backward incompatible change is not documented HOT 8
- Does not evaluate types like eval() HOT 6
- Returned value is repeated on next invocation of eval HOT 4
- asteval segfault HOT 5
- Missing dependency in Python 3.7 HOT 3
- Latest release (0.9.26) has importlib_metadata/importlib.metadata bug HOT 7
- Improve the propagation of Exception information (the bad name for a NameError) HOT 2
- List comprehension with multiple "for" loops results in NameError HOT 6
- max_time seems to be unsued HOT 2
- Support regex / glob modules HOT 2
- PyPI: also upload source tarball HOT 2
- power to a negative int HOT 4
- name 'str' is not defined HOT 1
- tests/test_asteval.py::TestEval::test_set_default_nodehandler fails if Python is built without Tkiner HOT 4
- ipmt throws deprecation warning in numpy 2.0.dev HOT 2
- The truth value of a Series is ambiguous HOT 3
- Variable unpacking does not work as expected HOT 8
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from asteval.