DIsable Python module
Is there any way to disable a module from being loaded on my system? Let's say i would like to restrict my users from accessing the subprocess or popen2 module. Something like PHP's 'disabled_func开发者_JAVA技巧tions' or any similar method to achieve the same thing.
As @Thomas points out, blacklisting is a pretty poor mechanism for implementing any security mechanisms. Whitelisting is a much safer approach.
But a mechanism inside the interpreter isn't particularly excellent for any number of reasons: flaws in the interpreter that are exploitable at the source code level would allow users to walk right past any mechanisms built in at that level (and the PHP team asked Linux vendors to stop calling this a security problem, because (a) they fixed one of these every week and (b) trying to confine an untrusted user-supplied script is pretty much an impossible task -- use FastCGI or similar tools for potentially untrusted scripts).
The Python interpreter is probably not designed to handle malicious input, so don't treat it as such.
If you really want to confine what untrusted users can do with Python scripts, a few pieces of advice: Do not use mod_python or anything like it. Use FastCGI or similar tools that you let specify the user account that should run the script and won't execute the script as your webserver user. And learn how to configure SELinux or AppArmor to confine what that process can do -- an hour setting up one of these tools might save you huge headaches down the road, plus you get to laugh at all the cute little exploit attempts that fail.
精彩评论