[Checkins] SVN: AccessControl/trunk/ LP #1047318: Tighten import restrictions for restricted code.
Hano Schlichting
cvs-admin at zope.org
Sun Sep 9 13:03:54 UTC 2012
Log message for revision 127799:
LP #1047318: Tighten import restrictions for restricted code.
Changed:
U AccessControl/trunk/CHANGES.txt
U AccessControl/trunk/setup.py
U AccessControl/trunk/src/AccessControl/SecurityInfo.py
U AccessControl/trunk/src/AccessControl/ZopeGuards.py
U AccessControl/trunk/src/AccessControl/__init__.py
U AccessControl/trunk/src/AccessControl/tests/testModuleSecurity.py
U AccessControl/trunk/src/AccessControl/tests/testZopeGuards.py
-=-
Modified: AccessControl/trunk/CHANGES.txt
===================================================================
--- AccessControl/trunk/CHANGES.txt 2012-09-09 13:03:03 UTC (rev 127798)
+++ AccessControl/trunk/CHANGES.txt 2012-09-09 13:03:51 UTC (rev 127799)
@@ -1,9 +1,10 @@
Changelog
=========
-3.0.4 (unreleased)
+3.0.4 (2012-09-09)
------------------
+- LP #1047318: Tighten import restrictions for restricted code.
3.0.3 (2012-08-23)
------------------
Modified: AccessControl/trunk/setup.py
===================================================================
--- AccessControl/trunk/setup.py 2012-09-09 13:03:03 UTC (rev 127798)
+++ AccessControl/trunk/setup.py 2012-09-09 13:03:51 UTC (rev 127799)
@@ -16,7 +16,7 @@
from setuptools import setup, find_packages, Extension
setup(name='AccessControl',
- version='3.0.4dev',
+ version='3.0.4',
url='http://pypi.python.org/pypi/AccessControl',
license='ZPL 2.1',
description="Security framework for Zope2.",
Modified: AccessControl/trunk/src/AccessControl/SecurityInfo.py
===================================================================
--- AccessControl/trunk/src/AccessControl/SecurityInfo.py 2012-09-09 13:03:03 UTC (rev 127798)
+++ AccessControl/trunk/src/AccessControl/SecurityInfo.py 2012-09-09 13:03:51 UTC (rev 127799)
@@ -250,7 +250,9 @@
def secureModule(mname, *imp):
modsec = _moduleSecurity.get(mname, None)
if modsec is None:
- return
+ if mname in _appliedModuleSecurity:
+ return sys.modules[mname]
+ return # no MSI, no module
if imp:
__import__(mname, *imp)
Modified: AccessControl/trunk/src/AccessControl/ZopeGuards.py
===================================================================
--- AccessControl/trunk/src/AccessControl/ZopeGuards.py 2012-09-09 13:03:03 UTC (rev 127798)
+++ AccessControl/trunk/src/AccessControl/ZopeGuards.py 2012-09-09 13:03:51 UTC (rev 127799)
@@ -344,20 +344,16 @@
safe_builtins['sum'] = guarded_sum
def load_module(module, mname, mnameparts, validate, globals, locals):
- modules = sys.modules
while mnameparts:
nextname = mnameparts.pop(0)
if mname is None:
mname = nextname
else:
mname = '%s.%s' % (mname, nextname)
- nextmodule = modules.get(mname, None)
- if nextmodule is None:
- nextmodule = secureModule(mname, globals, locals)
- if nextmodule is None:
- return
- else:
- secureModule(mname)
+ # import (if not already imported) and check for MSI
+ nextmodule = secureModule(mname, globals, locals)
+ if nextmodule is None: # not allowed
+ return
if module and not validate(module, module, nextname, nextmodule):
return
module = nextmodule
Modified: AccessControl/trunk/src/AccessControl/__init__.py
===================================================================
--- AccessControl/trunk/src/AccessControl/__init__.py 2012-09-09 13:03:03 UTC (rev 127798)
+++ AccessControl/trunk/src/AccessControl/__init__.py 2012-09-09 13:03:51 UTC (rev 127799)
@@ -26,8 +26,15 @@
from AccessControl.SecurityInfo import allow_module
from AccessControl.SecurityInfo import allow_class
from AccessControl.SimpleObjectPolicies import allow_type
-from AccessControl.unauthorized import Unauthorized # XXX
+from AccessControl.unauthorized import Unauthorized
from AccessControl.ZopeGuards import full_write_guard
from AccessControl.ZopeGuards import safe_builtins
ModuleSecurityInfo('AccessControl').declarePublic('getSecurityManager')
+
+# allow imports of utility_builtins
+
+for name in ('string', 'math', 'random', 'sets'):
+ ModuleSecurityInfo(name).setDefaultAccess('allow')
+
+ModuleSecurityInfo('DateTime').declarePublic('DateTime')
Modified: AccessControl/trunk/src/AccessControl/tests/testModuleSecurity.py
===================================================================
--- AccessControl/trunk/src/AccessControl/tests/testModuleSecurity.py 2012-09-09 13:03:03 UTC (rev 127798)
+++ AccessControl/trunk/src/AccessControl/tests/testModuleSecurity.py 2012-09-09 13:03:51 UTC (rev 127799)
@@ -42,6 +42,9 @@
from AccessControl.ZopeGuards import guarded_import
guarded_import(module, fromlist=fromlist, level=level)
+ def test_unprotected_module(self):
+ self.assertUnauth('os', ())
+
def testPrivateModule(self):
self.assertUnauth('AccessControl.tests.private_module', ())
self.assertUnauth('AccessControl.tests.private_module', ('priv',))
Modified: AccessControl/trunk/src/AccessControl/tests/testZopeGuards.py
===================================================================
--- AccessControl/trunk/src/AccessControl/tests/testZopeGuards.py 2012-09-09 13:03:03 UTC (rev 127798)
+++ AccessControl/trunk/src/AccessControl/tests/testZopeGuards.py 2012-09-09 13:03:51 UTC (rev 127799)
@@ -756,10 +756,6 @@
g['__name__'] = __name__ # so classes can be defined in the script
return code, g
- def testPythonRealAC(self):
- code, its_globals = self._compile("actual_python.py")
- exec code in its_globals
-
# Compile code in fname, as restricted Python. Return the
# compiled code, and a safe globals dict for running it in.
# fname is the string name of a Python file; it must be found
More information about the checkins
mailing list