
Author vstinner
Recipients Paweł.Zduniak, brett.cannon, eric.smith, eryksun, steve.dower, tim.golden, vstinner, zach.ware
Date 2015-01-20.14:25:53
Message-id <1421763953.75.0.465616426069.issue23281@psf.upfronthosting.co.za>
In-reply-to
Content
> we assume it was generated by Python and not an external, malicious source.

Said differently: you must not trust .py or .pyc downloaded from untrusted sources. Executing an arbitrary .py or .pyc file allows executing arbitrary Python code.

Instead of writing complex code to inject machine code in the Python evaluation loop (Python/ceval.c), just execute "import os; os.system('echo pwn!')" which runs an arbitrary shell command. Compile it to .pyc if you want to "exploit" the PYC path.
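An added example, not part of the message above or of CPython's own code: it builds a .pyc image in memory from the one-liner quoted in the message and inspects it statically, never executing it, to show that the file is just a serialized code object behind a header that carries no integrity or authenticity data. The function names `build_pyc` and `inspect_pyc` are hypothetical, and the 16-byte header layout assumes CPython 3.7 or later.

```python
import importlib.util
import marshal
import struct
import types

HEADER_LEN = 16  # assumed CPython 3.7+ layout: magic, flags, mtime, source size

PAGE_SOURCE = "import os; os.system('echo pwn!')"  # one-liner quoted in the message
BENIGN_SOURCE = "print('hello')"                    # constructed comparison input


def build_pyc(source, filename="<constructed>"):
    """Compile source and wrap it as a .pyc image in memory. Nothing is executed."""
    code = compile(source, filename, "exec")
    header = importlib.util.MAGIC_NUMBER + struct.pack("<III", 0, 0, len(source))
    return header + marshal.dumps(code)


def inspect_pyc(data):
    """Return the names and string constants a .pyc references, without running it."""
    if len(data) < HEADER_LEN:
        raise ValueError("truncated .pyc header")
    if data[:4] != importlib.util.MAGIC_NUMBER:
        raise ValueError("magic number does not match this interpreter")
    # marshal is not hardened against malformed input: for files you did not
    # build yourself, do this step in a disposable, sandboxed process.
    code = marshal.loads(data[HEADER_LEN:])
    if not isinstance(code, types.CodeType):
        raise ValueError("payload is not a code object")
    names, strings = set(), set()
    stack = [code]
    while stack:  # walk nested functions, classes and lambdas too
        co = stack.pop()
        names.update(co.co_names)
        for const in co.co_consts:
            if isinstance(const, types.CodeType):
                stack.append(const)
            elif isinstance(const, str):
                strings.add(const)
    return {"names": names, "strings": strings}


if __name__ == "__main__":
    for label, src in (("page one-liner", PAGE_SOURCE), ("benign", BENIGN_SOURCE)):
        image = build_pyc(src)
        print(label, image[:12].hex(), inspect_pyc(image))
```

The first 12 header bytes are identical for both inputs, so nothing in the header separates a harmless module from one that runs a shell command; the only difference is in the code object itself.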