rexec & Bastion ?

Erik Johnson

The documentation for these two modules says that they were disabled in
Python 2.3 due to security holes not easily fixable. I have not worked with
them, but I can still import them under Python 2.4, so I'm not clear on
whether the security problems were fixed in Python itself, or whether the
modules remain deprecated (disabled?)? How are/were they actually disabled?
Any place that documents what the problems are? Any alternatives?

Thanks,
-ej
 
Gabriel Genellina

> The documentation for these two modules says that they were disabled in
> Python 2.3 due to security holes not easily fixable. I have not worked with
> them, but I can still import them under Python 2.4, so I'm not clear on
> whether the security problems were fixed in Python itself, or whether the
> modules remain deprecated (disabled?)? How are/were they actually disabled?
> Any place that documents what the problems are? Any alternatives?

They were insecure in 2003, and still are. This example still works (you
have to re-enable Bastion.py and rexec.py to test, removing the explicit
RuntimeError raise):
http://mail.python.org/pipermail/python-dev/2003-January/031851.html

With new-style classes you can create new instances using type(), for
example; this way you can bypass the read-only restriction on files.
The language has grown plenty of new attributes; they're very handy, but
provide a lot of security holes, like __subclasses__ for example.

As far as I know, Python can't secure itself by now. I think you have to
go outside Python, using a chroot jail for example.
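
An added illustration, not part of either post and not code from rexec or Bastion: a Python 3 sketch of the two points in the reply above, that `type()` reaches a constructor the restricted factory never checks and that `__subclasses__` exposes the class graph even with builtins stripped. `Document`, `restricted_open`, `run_guest` and the guest source are constructed for the demo, and nothing touches the real filesystem.

```python
# Added illustration (Python 3); every name here is constructed for the demo.

class Document:
    """Stand-in for the file type: its constructor enforces no policy."""
    def __init__(self, name, mode="r"):
        self.name = name
        self.mode = mode

def restricted_open(name, mode="r"):
    """Policy lives only in this factory, like a sandbox's replacement open()."""
    if mode != "r":
        raise PermissionError("sandbox policy: read-only access")
    return Document(name, mode)

# Constructed guest code. It sees only the names placed in __builtins__ below.
GUEST_SOURCE = '''
handle = open("notes.txt")                  # passes the factory's mode check
try:
    open("notes.txt", "w")                  # the factory refuses write mode
    factory_blocked = False
except Exception:
    factory_blocked = True
clone = type(handle)("notes.txt", "w")      # constructor called directly, no check
reachable = len(type(handle).__base__.__subclasses__())
'''

def run_guest():
    """Run GUEST_SOURCE with restricted builtins and report what it reached."""
    namespace = {"__builtins__": {"open": restricted_open, "type": type,
                                  "len": len, "Exception": Exception}}
    exec(GUEST_SOURCE, namespace)
    return {
        "factory_blocked": namespace["factory_blocked"],
        "clone_mode": namespace["clone"].mode,
        "reachable_classes": namespace["reachable"],
    }

if __name__ == "__main__":
    # The factory check holds, yet a write-mode object exists and the
    # interpreter's classes are enumerable from inside the guest.
    print(run_guest())
```

The policy check in the factory holds, but the guest still ends up with a write-mode object and a view of every class loaded in the interpreter, which is why the reply points to isolation outside Python.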
 
