Is there a safe marshaler?


Problem description


Pickle and marshal are not safe. They can do harmful
things if fed maliciously constructed data.
That is a pity, because marshal is fast.
I need a fast and safe (secure) marshaler.
Is xdrlib the only option?
I would expect that it is fast and safe because
it (the xdr spec) has been around for so long.

Or are there better options (perhaps 3rd party libraries)?

Thanks

Irmen.

Recommended answers

Irmen de Jong wrote:
> Pickle and marshal are not safe. They can do harmful
> things if fed maliciously constructed data.
> That is a pity, because marshal is fast.
> I need a fast and safe (secure) marshaler.
> Is xdrlib the only option?
> I would expect that it is fast and safe because
> it (the xdr spec) has been around for so long.
>
> Or are there better options (perhaps 3rd party libraries)?
>
> Thanks
>
> Irmen.

What exactly do you mean by "safe"? Do you want to ensure your objects
cannot receive corrupted data? Do you want to ensure no code will be
evaluated during the unmarshalling?

Please, be more precise,

Pierre


Irmen de Jong wrote:
> Pickle and marshal are not safe. They can do harmful
> things if fed maliciously constructed data.
> That is a pity, because marshal is fast.

I think marshal could be fixed; the only unsafety I'm aware of is that
it doesn't always act rationally when confronted with incorrect input
like bad type codes or truncated input. It only receives instances of
the built-in types and it never executes user code as a result of
unmarshalling.

Perhaps someone would be interested in submitting a patch to the
unmarshalling code? Since this is a security fix we'd even accept a fix
for 2.3.

> I need a fast and safe (secure) marshaler.
> Is xdrlib the only option?
> I would expect that it is fast and safe because
> it (the xdr spec) has been around for so long.


I don't expect that to be particularly fast, since it mostly operates
at Python speed. I think it could be safe but I would still do a
thorough code review if I were you -- the code is older than my
awareness of the vulnerabilities inherent in this kind of remote data
transfer.

--Guido


Pierre Barbier de Reuille wrote:
> Irmen de Jong wrote:
> > Pickle and marshal are not safe. They can do harmful
> > things if fed maliciously constructed data.
> > That is a pity, because marshal is fast.
> > I need a fast and safe (secure) marshaler.
> > Is xdrlib the only option?
> > I would expect that it is fast and safe because
> > it (the xdr spec) has been around for so long.
> >
> > Or are there better options (perhaps 3rd party libraries)?
> >
> > Thanks
> >
> > Irmen.

> What exactly do you mean by "safe"? Do you want to ensure your objects
> cannot receive corrupted data? Do you want to ensure no code will be
> evaluated during the unmarshalling?

"safe (secure)"
But to be more precise, let's look at the security warning that
is in the marshal documentation:
"The marshal module is not intended to be secure against erroneous or
maliciously constructed data. Never unmarshal data received from an
untrusted or unauthenticated source."

So essentially I want the opposite of that ;-)

I want a marshaler that is okay to use where the data it processes
comes from unknown, external sources (untrusted). It should not crash
on corrupt data and it should not execute arbitrary code when
unmarshaling, so that it is safe against hacking attempts.

Oh, preferably, it should be fast :)
Some XML-ish thing may be secure but is likely to be not fast at all.

Ideally it should be able to transfer user defined Python types,
but if it is like marshal (can only marshal builtin types) that's
okay too.

--Irmen
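As an added example (not code from this thread or from Python's own library), here is a wrapper that combines Guido's observation that marshal only ever yields built-in types and never runs user code with Irmen's requirement that decoding untrusted bytes must neither crash nor execute anything. On current CPython, marshal.loads raises on truncated input and unknown type codes; the wrapper funnels those into one rejection, bounds input size, and refuses anything outside an allow-list of built-in types (marshal can also decode code objects, which are rejected). The size and depth caps and the sample messages are assumptions constructed for this example.

```python
import marshal

# Allow-list of built-in types an untrusted message may contain (constructed for this
# example); marshal can also decode code objects, which are deliberately excluded.
ALLOWED_TYPES = (type(None), bool, int, float, complex, bytes, str,
                 tuple, list, dict, set, frozenset)
MAX_MESSAGE_BYTES = 1 << 20   # assumed size cap, checked before decoding
MAX_DEPTH = 32                # assumed nesting cap, bounds the type walk

class UnsafeMessage(ValueError):
    """Input was too large, malformed, or decoded to a disallowed type."""

def _check_types(obj, depth=0):
    """Verify obj is built only from ALLOWED_TYPES, down to a bounded depth."""
    if depth > MAX_DEPTH:
        raise UnsafeMessage("nesting too deep")
    if not isinstance(obj, ALLOWED_TYPES):
        raise UnsafeMessage(f"disallowed type: {type(obj).__name__}")
    if isinstance(obj, dict):
        for key, value in obj.items():
            _check_types(key, depth + 1)
            _check_types(value, depth + 1)
    elif isinstance(obj, (tuple, list, set, frozenset)):
        for item in obj:
            _check_types(item, depth + 1)

def safe_marshal_loads(data):
    """Decode marshal bytes from an untrusted peer; every failure becomes UnsafeMessage."""
    if len(data) > MAX_MESSAGE_BYTES:
        raise UnsafeMessage("message too large")
    try:
        obj = marshal.loads(data)  # raises on truncated input or unknown type codes
    except (ValueError, EOFError, TypeError) as exc:
        raise UnsafeMessage(f"malformed marshal data: {exc}") from exc
    _check_types(obj)
    return obj

def classify(data):
    """Return ('ok', obj) or ('rejected', reason) so callers never see an exception."""
    try:
        return ("ok", safe_marshal_loads(data))
    except UnsafeMessage as exc:
        return ("rejected", str(exc))

# Constructed sample messages: one well-formed, three damaged or hostile.
GOOD = marshal.dumps({"cmd": "put", "args": [1, 2.5, "x"], "flags": (None, True)})
TRUNCATED = GOOD[: len(GOOD) // 2]                   # cut off mid-stream
BAD_TYPECODE = b"\xff" + GOOD[1:]                    # unknown type code up front
CODE_OBJECT = marshal.dumps(compile("1 + 1", "<untrusted>", "eval"))  # code, not data
```

Running classify over the four sample messages accepts only GOOD; the other three are rejected with a reason string instead of an exception or a crash.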

