[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

configparser v/s file variables

On 2018-06-28, Steven D'Aprano <steve+comp.lang.python at pearwood.info> wrote:

> So why give them the ability to escalate their privilege to that of
> your application (which probably can do lots of things they can't
> do) by directly executing Python code they supply?

To be fair, that situation isn't common.  The vast majority of
applications run with the exact same set of privledges as the user who
invoked them.  At least that's the case on Linux/Unix. Perhaps Windows
apps are different and the usual case is for many applications to have
dangerous capabilities that an average user who's invoking them
shouldn't have.  That sounds stupid enough to be something that would
be normal for Windows.

I still maintain it's a bad idea to run arbitrary code found in
user-edited config files.

There may be cases where somebody has figured out how to muck with a
config file that's shared among multiple users, or has tricked
somebody into including something from an untrusted source in an
include file.

Or there could be users who don't know what they're doing and
unwittingly type something harmful into a config file:

  bad_command = os.system("rm -rf ~/*")

Yes, I know, users would never be that dumb...

Grant Edwards               grant.b.edwards        Yow! Everybody gets free
                                  at               BORSCHT!