[Dailydave] Google Apps Engine
Lutz Böhne
lboehne at damogran.de
Fri Apr 11 10:33:14 EDT 2008
> Even those could easily be sanitized by just some fun with function
> pointers.
>
> >>> open=lambda *x: "no"
> >>> open('/etc/passwd')
> 'no'
Unless there are other ways to find these functions:
>>> __builtins__.__dict__["open"]( '/etc/passwd')
<open file '/etc/passwd', mode 'r' at 0xb7dac7b8>
or even:
>>> open=lambda *x: "no"
>>> open('/etc/passwd')
'no'
>>> del open
>>> open('/etc/passwd')
<open file '/etc/passwd', mode 'r' at 0xb7db44a0>
Python is fun, there are so many ways to have it do what you want ;)
It might be possible to remove these functions like this:
>>> del __builtins__.__dict__["open"]
>>> open('/etc/passwd')
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
NameError: name 'open' is not defined
[...]
But I don't know whether that'd get rid of all problems.
Best regards,
Lutz
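
The four cases from this message, replayed as an added example (not part of the original post), with a runtime audit hook that records whether the file was really opened. Assumptions: Python 3.8+ (the thread shows Python 2), a temporary file standing in for /etc/passwd, a private copy of the builtins module so the real one is untouched, and the hypothetical helper names `attempt` and `replay_thread_cases`.

```python
import builtins, os, sys, tempfile, types

_seen = []      # paths the runtime reported as opened
_watch = set()  # paths the hook reports on

def _hook(event, args):
    # The "open" audit event fires inside the runtime, whatever name reached the function.
    if event == "open" and args and isinstance(args[0], str) and args[0] in _watch:
        _seen.append(args[0])

sys.addaudithook(_hook)  # Python 3.8+; a hook cannot be removed once added

def attempt(snippet, ns):
    """Evaluate one expression in ns; return (outcome, was_a_real_open_observed)."""
    before = len(_seen)
    try:
        result = eval(snippet, ns)
    except Exception as exc:
        outcome = type(exc).__name__
    else:
        if hasattr(result, "close"):
            result.close()
            outcome = "file"
        else:
            outcome = result
    return outcome, len(_seen) > before

def replay_thread_cases():
    fd, path = tempfile.mkstemp()            # constructed stand-in for /etc/passwd
    os.close(fd)
    _watch.add(path)
    private = types.ModuleType("builtins")   # private copy of the builtins module
    vars(private).update(vars(builtins))
    ns = {"__builtins__": private, "path": path}
    out = {}
    try:
        exec('open = lambda *x: "no"', ns)   # the rebinding quoted at the top
        out["rebound"] = attempt("open(path)", ns)
        out["via_builtins"] = attempt('__builtins__.__dict__["open"](path)', ns)
        exec("del open", ns)                 # removes only the shadowing name
        out["after_del"] = attempt("open(path)", ns)
        exec('del __builtins__.__dict__["open"]', ns)
        out["removed"] = attempt("open(path)", ns)
    finally:
        _watch.discard(path)
        os.remove(path)
    return out

if __name__ == "__main__":
    for case, result in replay_thread_cases().items():
        print(case, result)
```

The hook reports an open in the `via_builtins` and `after_del` cases even though the rebinding is or was in place, which is the gap a name-level restriction leaves.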