
Author: alexandre.vassalotti
Recipients: alexandre.vassalotti, pitrou
Date: 2010-09-28.00:45:24
Message-id: <1285634726.46.0.614090089511.issue9965@psf.upfronthosting.co.za>
Content
I was going to say this method http://docs.python.org/dev/py3k/library/pickle.html#restricting-globals could be used to prevent this kind of attack on bytearray. But, I came up with this fun thing:

pickle.loads(b'\x80\x03cbuiltins\nlist\ncbuiltins\nrange\nJ\xff\xff\xff\x03\x85R\x85R.')

Sigh... you are right about pickle being insecure by design. The only solution is to use HMAC to check the integrity and the authenticity of incoming pickles.
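The HMAC approach mentioned above, as an added example (not code from the tracker message or from CPython): the sender prepends an HMAC-SHA256 tag over the raw pickle bytes, and the receiver verifies that tag with a constant-time comparison before any byte reaches pickle.loads. The key name, the tag-then-payload layout and the sample objects are assumptions made for this example; the untrusted byte string is the one from the message and is only ever handed to the verifying loader, which rejects it without unpickling it.

```python
import hashlib
import hmac
import pickle

# Constructed example key; a real deployment loads it from a secret store.
SECRET_KEY = b"example-shared-secret-key"
TAG_LEN = hashlib.sha256().digest_size  # 32 bytes


def dumps_signed(obj, key=SECRET_KEY):
    """Pickle obj and prepend an HMAC-SHA256 tag computed over the pickle bytes."""
    payload = pickle.dumps(obj, protocol=pickle.HIGHEST_PROTOCOL)
    tag = hmac.new(key, payload, hashlib.sha256).digest()
    return tag + payload


def loads_signed(blob, key=SECRET_KEY):
    """Verify the tag *before* unpickling; raise ValueError on any mismatch."""
    if len(blob) < TAG_LEN:
        raise ValueError("blob too short to carry an HMAC tag")
    tag, payload = blob[:TAG_LEN], blob[TAG_LEN:]
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    # compare_digest keeps the comparison time independent of where the tags differ
    if not hmac.compare_digest(tag, expected):
        raise ValueError("HMAC verification failed; pickle rejected")
    return pickle.loads(payload)


# The byte string from the tracker message (builds list(range(0x03ffffff))).
# It must never reach pickle.loads here: loads_signed rejects it first.
UNTRUSTED_PICKLE = b'\x80\x03cbuiltins\nlist\ncbuiltins\nrange\nJ\xff\xff\xff\x03\x85R\x85R.'


def is_rejected(blob, key=SECRET_KEY):
    """True if loads_signed refuses the blob (i.e. raises before unpickling)."""
    try:
        loads_signed(blob, key)
    except ValueError:
        return True
    return False


def demo():
    """Round-trip a signed object and check the four failure modes are rejected."""
    signed = dumps_signed({"user": "alice", "roles": ["admin"]})
    assert loads_signed(signed) == {"user": "alice", "roles": ["admin"]}

    # 1. Unsigned attacker-supplied bytes: the first 32 bytes are not a valid tag.
    assert is_rejected(UNTRUSTED_PICKLE)
    # 2. A forged all-zero tag in front of the same payload.
    assert is_rejected(b"\x00" * TAG_LEN + UNTRUSTED_PICKLE)
    # 3. A genuine tag, but one payload byte flipped in transit.
    tampered = bytearray(signed)
    tampered[-1] ^= 0x01
    assert is_rejected(bytes(tampered))
    # 4. A genuine tag checked with a different key on the receiving side.
    assert is_rejected(signed, key=b"other-key")
    return True


if __name__ == "__main__":
    demo()
    print("all checks passed")
```

The protection rests entirely on the key staying secret and on the order of operations: verification happens on the raw bytes and pickle.loads runs only after it succeeds. Restricting globals in a custom Unpickler, as the message notes, does not help against a payload that only references builtins.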
History
Date                 User                  Action  Args
2010-09-28 00:45:26  alexandre.vassalotti  set     recipients: + alexandre.vassalotti, pitrou
2010-09-28 00:45:26  alexandre.vassalotti  set     messageid: <1285634726.46.0.614090089511.issue9965@psf.upfronthosting.co.za>
2010-09-28 00:45:25  alexandre.vassalotti  link    issue9965 messages
2010-09-28 00:45:24  alexandre.vassalotti  create