:experimental:

[[chap-Defensive_Coding-Python]]
= The Python Programming Language

Python provides memory safety by default, so low-level security
vulnerabilities are rare and typically require fixes to the Python
interpreter or standard library itself.

Other sections with Python-specific advice include:

* <<chap-Defensive_Coding-Tasks-Temporary_Files>>

* <<sect-Defensive_Coding-Tasks-Processes-Creation>>

* <<chap-Defensive_Coding-Tasks-Serialization>>, in
particular <<sect-Defensive_Coding-Tasks-Serialization-Library>>

* <<sect-Defensive_Coding-Tasks-Cryptography-Randomness>>

== Dangerous Standard Library Features

Some areas of the standard library, notably the
`ctypes` module, do not provide memory safety
guarantees comparable to the rest of Python. If such
functionality is used, the advice in <<sect-Defensive_Coding-C-Language>> should be followed.

== Run-time Compilation and Code Generation

The following Python functions and statements related to code
execution should be avoided:

* `compile`

* `eval`

* `exec`

* `execfile`

If you need to parse integers or floating point values, use the
`int` and `float`
functions instead of `eval`. Sandboxing
untrusted Python code does not work reliably.

== Sandboxing

The `rexec` Python module cannot safely sandbox
untrusted code and should not be used. The standard CPython
implementation is not suitable for sandboxing.
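
The advice in the Run-time Compilation and Code Generation section, to parse numbers with `int` and `float` instead of `eval`, is shown here as an added example that is not part of the original guide. The names `parse_number` and `parse_all`, the 64-character limit and the sample strings are assumptions made for illustration; the example also rejects forms that `int` and `float` accept on their own (underscores, Unicode digits, surrounding whitespace, `nan`, overflowing exponents).

```python
import math
import re

# Strict ASCII grammar. [0-9] is used instead of \d because \d also
# matches non-ASCII Unicode digits in str patterns.
_INT_RE = re.compile(r"[+-]?[0-9]+")
_FLOAT_RE = re.compile(r"[+-]?(?:[0-9]+\.?[0-9]*|\.[0-9]+)(?:[eE][+-]?[0-9]+)?")
_MAX_LEN = 64  # assumed length limit for this example


def parse_number(text):
    """Parse untrusted text as int or float without eval.

    Raises ValueError for anything that is not a plain decimal number.
    """
    if not isinstance(text, str) or len(text) > _MAX_LEN:
        raise ValueError("not a short string")
    if _INT_RE.fullmatch(text):
        return int(text, 10)
    if _FLOAT_RE.fullmatch(text):
        value = float(text)
        if not math.isfinite(value):  # e.g. "1e999" overflows to inf
            raise ValueError("out of range")
        return value
    raise ValueError("not a number: %r" % text[:20])


def parse_all(values):
    """Return (parsed, rejected) for a list of untrusted strings."""
    parsed, rejected = [], []
    for v in values:
        try:
            parsed.append(parse_number(v))
        except ValueError:
            rejected.append(v)
    return parsed, rejected


# Constructed sample input. The last four entries would either run code
# under eval or be accepted in an unexpected form by bare int()/float().
SAMPLES = ["42", "-7", "3.5", "1e3", "__import__('os').getcwd()",
           "1_000", "nan", "1e999"]

if __name__ == "__main__":
    print(parse_all(SAMPLES))
```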