[Zope-Checkins] CVS: Zope/lib/python/RestrictedPython/tests - security_in_syntax.py:1.4.68.3 testRestrictions.py:1.14.68.1

Shane Hathaway cvs-admin at zope.org
Thu Nov 6 11:57:14 EST 2003


Update of /cvs-repository/Zope/lib/python/RestrictedPython/tests
In directory cvs.zope.org:/tmp/cvs-serv13414/tests

Modified Files:
      Tag: Zope-2_7-branch
	security_in_syntax.py testRestrictions.py 
Log Message:
Made the tests compatible with Python 2.2.

Also added a test that verifies exception handlers can't assign a bad name.


=== Zope/lib/python/RestrictedPython/tests/security_in_syntax.py 1.4.68.2 => 1.4.68.3 ===
--- Zope/lib/python/RestrictedPython/tests/security_in_syntax.py:1.4.68.2	Wed Nov  5 19:38:00 2003
+++ Zope/lib/python/RestrictedPython/tests/security_in_syntax.py	Thu Nov  6 11:57:13 2003
@@ -2,6 +2,8 @@
 # compile_restricted() but not when using compile().
 # Each function in this module is compiled using compile_restricted().
 
+from __future__ import generators
+
 def overrideGuardWithFunction():
     def _getattr(o): return o
 
@@ -40,3 +42,12 @@
 
 def import_as_bad_name():
     import os as _leading_underscore
+
+def except_using_bad_name():
+    try:
+        foo
+    except NameError, _leading_underscore:
+        # The name of choice (say, _write) is now assigned to an exception
+        # object.  Hard to exploit, but conceivable.
+        pass
+


=== Zope/lib/python/RestrictedPython/tests/testRestrictions.py 1.14 => 1.14.68.1 ===
--- Zope/lib/python/RestrictedPython/tests/testRestrictions.py:1.14	Wed Aug 14 17:44:31 2002
+++ Zope/lib/python/RestrictedPython/tests/testRestrictions.py	Thu Nov  6 11:57:13 2003
@@ -127,6 +127,12 @@
         raise AccessDenied
     return v
 
+def minimal_import(name, _globals, _locals, names):
+    if name != "__future__":
+        raise ValueError, "Only future imports are allowed"
+    import __future__
+    return __future__
+
 
 class TestGuard:
     '''A guard class'''
@@ -152,7 +158,6 @@
         _ob = self.__dict__['_ob']
         _ob[lo:hi] = value
 
-##    attribute_of_anything = 98.6
 
 class RestrictionTests(unittest.TestCase):
     def execFunc(self, name, *args, **kw):
@@ -222,11 +227,12 @@
         f.close()
         # Unrestricted compile.
         code = compile(source, fn, 'exec')
-        m = {'__builtins__':None}
+        m = {'__builtins__': {'__import__':minimal_import}}
         exec code in m
         for k, v in m.items():
             if hasattr(v, 'func_code'):
                 filename, source = find_source(fn, v.func_code)
+                source = "from __future__ import generators\n\n" + source
                 # Now compile it with restrictions
                 try:
                     code = compile_restricted(source, filename, 'exec')
@@ -235,10 +241,6 @@
                     pass
                 else:
                     raise AssertionError, '%s should not have compiled' % k
-
-##    def checkStrangeAttribute(self):
-##        res = self.execFunc('strange_attribute')
-##        assert res == 98.6, res
 
     def checkOrderOfOperations(self):
         res = self.execFunc('order_of_operations')




More information about the Zope-Checkins mailing list