[Zope] Security and resposability
p.t.
p.training@tin.it
Sat, 15 Jun 2002 20:45:00 +0200
I'm in some troubles with two problems: one is concerning session and the
other security.
The session problem is connected with references maintaned in items
(specifically dictionary) stored in a session to the original objects.
The list helped me to understand that copy() and deepcopy() exist: this
could have solved the problem. However, the Python module copy is not
loadable for security resons.
Some time ago I had the necessity to evaluate a string, that could be done
using eval(). However, eval() is not usable for security resons.
Both situations can be overidden using an External Method "safe_eval" (as
pointed out by Dieter Maurer in an answer to my thread dictionary
definition and strings on 4 Apr 2002).
Now, I would have no technical difficulties doing that, but, for a
"political" decision of the institution using the product, everything
developed must be usable with the current "standard" version of Zope,
without modifying even a comma on the original downloaded files. This means
no External Method "safe_eval".
Now, my question is: why limit the usage of methods like copy(), deepcopy()
and eval()?
The usual answer is to rise the security treshold.
OK, but this is also an "a priori" limitation of developer responsability.
I believe that I understand the troubles an evaluation of a client query
could produce.
But can some guru explain to me how an hacker could produce crashes or some
other sever damages if I use such methods to evaluate an internally
generated string or deepcopying an internally generated dictionary?
Sorry for the long message.
p.t.