diff options
author | Fred Drake <fdrake@acm.org> | 2002-08-27 16:46:06 (GMT) |
---|---|---|
committer | Fred Drake <fdrake@acm.org> | 2002-08-27 16:46:06 (GMT) |
commit | 80a04a4894fea84c76e316a6cf75c2618b03f0b1 (patch) | |
tree | 2c0982cbd50525a6edff408efe8ef16a7d4a3020 /Doc | |
parent | 246beb25269bf0d2716f8b3cd474625dbae156d2 (diff) | |
download | cpython-80a04a4894fea84c76e316a6cf75c2618b03f0b1.zip cpython-80a04a4894fea84c76e316a6cf75c2618b03f0b1.tar.gz cpython-80a04a4894fea84c76e316a6cf75c2618b03f0b1.tar.bz2 |
Add strong security warning about the rexec module.
Closes SF patch #600861.
Minor markup changes.
Diffstat (limited to 'Doc')
-rw-r--r-- | Doc/lib/librexec.tex | 22 |
1 files changed, 17 insertions, 5 deletions
diff --git a/Doc/lib/librexec.tex b/Doc/lib/librexec.tex index ff6cdc4..71ae9a3 100644 --- a/Doc/lib/librexec.tex +++ b/Doc/lib/librexec.tex @@ -5,7 +5,6 @@ \modulesynopsis{Basic restricted execution framework.} - This module contains the \class{RExec} class, which supports \method{r_eval()}, \method{r_execfile()}, \method{r_exec()}, and \method{r_import()} methods, which are restricted versions of the standard @@ -15,10 +14,23 @@ Code executed in this restricted environment will only have access to modules and functions that are deemed safe; you can subclass \class{RExec} to add or remove capabilities as desired. -\note{The \class{RExec} class can prevent code from performing -unsafe operations like reading or writing disk files, or using TCP/IP -sockets. However, it does not protect against code using extremely -large amounts of memory or processor time.} +\begin{notice}[warning] + While the \module{rexec} module is designed to perform as described + below, it does have a few known vulnerabilities which could be + exploited by carefully written code. Thus it should not be relied + upon in situations requiring ``production ready'' security. In such + situations, execution via sub-processes or very careful + ``cleansing'' of both code and data to be processed may be + necessary. Alternatively, help in patching known \module{rexec} + vulnerabilities would be welcomed. +\end{notice} + +\begin{notice} + The \class{RExec} class can prevent code from performing unsafe + operations like reading or writing disk files, or using TCP/IP + sockets. However, it does not protect against code using extremely + large amounts of memory or processor time. +\end{notice} \begin{classdesc}{RExec}{\optional{hooks\optional{, verbose}}} Returns an instance of the \class{RExec} class. |