#4433 NORM Never A: Potential for arbitrary code execution due to use of sharedstate/pickle
Zarro Boogs per Child
bugtracker at laptop.org
Wed Oct 24 08:33:42 EDT 2007
#4433: Potential for arbitrary code execution due to use of sharedstate/pickle
---------------------------------+------------------------------------------
Reporter: smcv | Owner: rwh
Type: defect | Status: new
Priority: normal | Milestone: Never Assigned
Component: calculator-activity | Version:
Keywords: | Verified: 0
---------------------------------+------------------------------------------
Calculate uses the sharedstate module, which sends data over Tubes as
Python pickles. The Python documentation contains this:
'''Warning''': The pickle module is not intended to be secure against
erroneous or maliciously constructed data. Never unpickle data received
from an untrusted or unauthenticated source.
The Collabora team may be able to help you to devise a better D-Bus Tubes
API for Calculate, particularly if you can let us know what the
requirements are in terms of messages between participants. (If I have
time, I'm going to go round all the core/bundled activities reviewing and
improving their D-Bus APIs.)
--
Ticket URL: <https://dev.laptop.org/ticket/4433>
One Laptop Per Child <https://dev.laptop.org>
OLPC bug tracking system
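As an added illustration of the point above (example code, not the Calculate activity's own sharedstate module or the Collabora D-Bus API that the reporter proposes), the following shows the defensive alternative: exchange plain data in a format that cannot encode code (JSON) and validate each message against a small allow-list of message types before acting on it. The message types, field names and size limit below are assumptions made up for the example, not the activity's real protocol. A restricted unpickler is also shown, purely as a stopgap for peers that still speak pickle: it refuses every global lookup, so a received pickle can only ever produce plain containers, strings and numbers.

```python
import io
import json
import pickle

# Hypothetical message schema for a shared calculator session (constructed for this
# example, not the real Calculate protocol): each message is a dict carrying a known
# "type" and exactly the typed fields listed here.
ALLOWED_MESSAGE_TYPES = {
    "expression": {"text": str, "owner": str},
    "result": {"text": str, "value": (int, float)},
}
MAX_MESSAGE_BYTES = 64 * 1024  # assumed upper bound on one message


class UntrustedMessageError(ValueError):
    """Raised for anything a peer sends that does not match the schema."""


def encode_message(msg_type, **fields):
    """Serialize a message as JSON; JSON can only express data, never code."""
    if msg_type not in ALLOWED_MESSAGE_TYPES:
        raise ValueError("unknown message type: %r" % (msg_type,))
    return json.dumps({"type": msg_type, **fields}).encode("utf-8")


def decode_message(raw):
    """Parse and validate bytes received from a peer. Returns (type, fields)."""
    if len(raw) > MAX_MESSAGE_BYTES:
        raise UntrustedMessageError("message too large")
    try:
        obj = json.loads(raw.decode("utf-8"))
    except (UnicodeDecodeError, ValueError) as exc:
        raise UntrustedMessageError("not valid JSON: %s" % exc)
    if not isinstance(obj, dict) or obj.get("type") not in ALLOWED_MESSAGE_TYPES:
        raise UntrustedMessageError("unknown or missing message type")
    schema = ALLOWED_MESSAGE_TYPES[obj["type"]]
    fields = {k: v for k, v in obj.items() if k != "type"}
    if set(fields) != set(schema):
        raise UntrustedMessageError("unexpected or missing fields")
    for name, expected in schema.items():
        value = fields[name]
        # bool is a subclass of int in Python, so reject it explicitly.
        if isinstance(value, bool) or not isinstance(value, expected):
            raise UntrustedMessageError("field %r has wrong type" % name)
    return obj["type"], fields


def accepts(raw):
    """True if decode_message would accept the bytes, False if it rejects them."""
    try:
        decode_message(raw)
        return True
    except UntrustedMessageError:
        return False


class RestrictedUnpickler(pickle.Unpickler):
    """Stopgap for legacy pickle-speaking peers: refuse every global lookup, so no
    class, function or module can be referenced from the stream at all."""

    def find_class(self, module, name):
        raise UntrustedMessageError("pickle attempted to import %s.%s" % (module, name))


def restricted_loads(raw):
    return RestrictedUnpickler(io.BytesIO(raw)).load()


def restricted_roundtrip(obj):
    """Pickle obj with the stdlib, then load it through the restricted unpickler.
    Returns (True, value) on success or (False, reason) if the stream was refused."""
    try:
        return True, restricted_loads(pickle.dumps(obj))
    except UntrustedMessageError as exc:
        return False, str(exc)


if __name__ == "__main__":
    wire = encode_message("expression", text="1+2", owner="alice")
    print(decode_message(wire))
    print(restricted_roundtrip({"a": [1, 2.0, "x"]}))
    print(restricted_roundtrip(len))  # a function reference is refused
```

Note that the restricted unpickler only narrows the damage; the Python warning quoted in the ticket still applies, and the real fix is to stop sending pickles between participants altogether, which is what the JSON path above does.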