PythonScripts: possible DOS attack via extensive memory usage

Bug #257398 reported by M.-A. Lemburg
Affects: Zope 2
Status: Fix Released
Importance: Medium
Assigned to: Unassigned
Milestone: 2.13.0

Bug Description

Create a Python Script and add these lines:

x = 2
while 1:
    x = x**x

Running such a script will cause Python to try to allocate huge Python long number objects and eventually terminate with a MemoryError.

While Zope will continue safely after the MemoryError, it does take a while for the MemoryError to get caught and, depending on the OS settings, the server will start thrashing.

Running multiple such requests will likely have the OS kill the Zope process.
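The thread below settles on documenting the risk rather than changing Zope, but the report's own remark that thrashing depends on "the OS settings" points at the one containment that is available at the host level: per-process resource limits. The following is an added example, not code from the bug report or from Zope, showing how a supervisor could run a script such as the one above in a child interpreter whose address space and CPU time are capped with RLIMIT_AS and RLIMIT_CPU, so a runaway script ends in a quick MemoryError or a signal kill instead of exhausting the server. The function names (run_capped, _apply_limits), the default limits and the sample scripts other than the reported loop are my own choices; it requires a POSIX system with the resource module (Linux for reliable RLIMIT_AS enforcement).

```python
"""Run an untrusted Python snippet in a child interpreter whose memory and
CPU are capped, so a runaway script fails fast instead of thrashing the host.
Added example, not Zope code; POSIX/Linux only (uses the resource module)."""
import resource
import subprocess
import sys
import textwrap

# Constructed copy of the loop from the bug report.
RUNAWAY_SCRIPT = textwrap.dedent("""\
    x = 2
    while 1:
        x = x**x
""")

# Constructed inputs exercising the other outcomes.
BENIGN_SCRIPT = "print(sum(range(10)))"
BIG_ALLOC_SCRIPT = "buf = bytearray(10**9)"   # a single 1 GB allocation
SPIN_SCRIPT = "while True:\n    pass"           # burns CPU, allocates nothing


def _apply_limits(mem_bytes, cpu_seconds):
    """Build the preexec hook. It runs in the child between fork and exec,
    so the limits are already in force before any untrusted code executes."""
    def hook():
        # soft == hard: the child cannot raise either limit again
        resource.setrlimit(resource.RLIMIT_AS, (mem_bytes, mem_bytes))
        resource.setrlimit(resource.RLIMIT_CPU, (cpu_seconds, cpu_seconds))
    return hook


def run_capped(script_source, mem_bytes=128 * 1024 * 1024, cpu_seconds=2,
               wall_seconds=10):
    """Execute script_source in a capped child interpreter and classify
    the result as 'ok', 'memory_error', 'killed', 'error' or 'timeout'."""
    try:
        proc = subprocess.run(
            [sys.executable, "-I", "-c", script_source],
            capture_output=True, text=True, timeout=wall_seconds,
            preexec_fn=_apply_limits(mem_bytes, cpu_seconds),
        )
    except subprocess.TimeoutExpired:
        return "timeout"        # wall-clock backstop, e.g. a sleeping script
    if proc.returncode == 0:
        return "ok"
    if proc.returncode < 0:
        return "killed"         # terminated by a signal (SIGXCPU / SIGKILL)
    if "MemoryError" in proc.stderr:
        return "memory_error"   # an allocation was refused under RLIMIT_AS
    return "error"              # some other uncaught exception in the script


if __name__ == "__main__":
    for name, src in [("benign", BENIGN_SCRIPT), ("big_alloc", BIG_ALLOC_SCRIPT),
                      ("spin", SPIN_SCRIPT), ("runaway", RUNAWAY_SCRIPT)]:
        print(f"{name:10s} -> {run_capped(src)}")
```

The reported loop is stopped by whichever limit it hits first: with a small address-space cap the MemoryError arrives once the long multiplication asks for a buffer the kernel will not map, and the CPU cap catches it earlier if the squarings themselves are what eat the time. The limits are set on the child only, so the supervising process is never affected, and because soft and hard values are equal the script cannot lift them.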

Revision history for this message
M.-A. Lemburg (mal-egenix) wrote :

I have no idea how to prevent this.

Perhaps there's a way to do this using some bytecode magic.

Jim Fulton (jim-zope) wrote : Re: [Bug 257398] Re: PythonScripts: possible DOS attack via extensive memory usage

Note that the whole idea of letting untrusted users write Python
scripts (or ZPT or DTML) is silly to begin with. We keep forgetting
this. :)

Jim

On Aug 12, 2008, at 3:35 PM, M.-A. Lemburg wrote:

> I have no idea how to prevent this.
>
> Perhaps there's a way to do this using some bytecode magic.
>
> --
> PythonScripts: possible DOS attack via extensive memory usage
> https://bugs.launchpad.net/bugs/257398

--
Jim Fulton
Zope Corporation

M.-A. Lemburg (mal-egenix) wrote :

On 2008-08-12 21:48, Jim Fulton wrote:
> Note that the whole idea of letting untrusted users write Python
> scripts (or ZPT or DTML) is silly to begin with. We keep forgetting
> this. :)

Agreed :-)

OTOH, I think that PythonScripts give a false sense of security by
declaring: "Python Scripts can contain a "safe" subset of the python
language. Python Scripts must be safe because they can be potentially
edited by many different users through an insecure medium like the web."

--
Marc-Andre Lemburg
eGenix.com


Jim Fulton (jim-zope) wrote :

On Aug 12, 2008, at 4:27 PM, M.-A. Lemburg wrote:

> On 2008-08-12 21:48, Jim Fulton wrote:
>> Note that the whole idea of letting untrusted users write Python
>> scripts (or ZPT or DTML) is silly to begin with. We keep forgetting
>> this. :)
>
> Agreed :-)
>
> OTOH, I think that PythonScripts give a false sense of security by
> declaring: "Python Scripts can contain a "safe" subset of the python
> language. Python Scripts must be safe because they can be potentially
> edited by many different users through an insecure medium like the
> web."

Yes. This was a mistake.

Jim

--
Jim Fulton
Zope Corporation

Hanno Schlichting (hannosch) wrote :

The issue exists. You can give access to PythonScripts to less knowledgeable users to protect them from mistakes. Giving it to untrusted and potentially evil users was indeed never a good idea.

Changed in zope2:
importance: Undecided → Medium
status: New → Confirmed

Tres Seaver (tseaver) wrote :

I don't see why this is "Confirmed", unless you mean to treat it as a documentation bug: there is quite literally nothing to be done about the reported behavior.

Hanno Schlichting (hannosch) wrote :

Yes, I think this is a documentation issue.

Hanno Schlichting (hannosch) wrote :

I changed some of the wording in the Zope 2 book to state this more clearly.

The chapter on scripting Python did include a very clear statement for the past number of years, so this shouldn't be any real news:

Despite these limits, a determined user could use large amounts of CPU time and memory using Python-based Scripts. So malicious scripts could constitute a kind of denial of service attack by using lots of resources.

Changed in zope2:
milestone: none → 2.13.0
status: Confirmed → Fix Released
security vulnerability: yes → no
visibility: private → public