RestrictedPython 5.3a1.dev0__py2.py3-none-any.whl → 5.4__py2.py3-none-any.whl

RestrictedPython/Eval.py

@@ -12,11 +12,11 @@
 ##############################################################################
 """Restricted Python Expressions."""
 
-import ast
-
 from ._compat import IS_PY2
 from .compile import compile_restricted_eval
 
+import ast
+
 
 if IS_PY2:  # pragma: PY2
     from string import maketrans

RestrictedPython/Guards.py

@@ -264,9 +264,12 @@ def safer_getattr(object, name, default=None, getattr=getattr):
     http://lucumr.pocoo.org/2016/12/29/careful-with-str-format/
 
     """
-    if isinstance(object, _compat.basestring) and name == 'format':
+    if name in ('format', 'format_map') and (
+            isinstance(object, _compat.basestring) or (
+            isinstance(object, type)
+            and issubclass(object, _compat.basestring))):
         raise NotImplementedError(
-            'Using format() on a %s is not safe.' % object.__class__.__name__)
+            'Using the string format* methods is not safe')
     if name.startswith('_'):
         raise AttributeError(
             '"{name}" is an invalid attribute name because it '

RestrictedPython/Utilities.py

@@ -18,7 +18,21 @@ import string
 
 utility_builtins = {}
 
-utility_builtins['string'] = string
+
+class _AttributeDelegator:
+    def __init__(self, mod, *excludes):
+        """delegate attribute lookups outside *excludes* to module *mod*."""
+        self.__mod = mod
+        self.__excludes = excludes
+
+    def __getattr__(self, attr):
+        if attr in self.__excludes:
+            raise NotImplementedError(
+                "{}.{} is not safe".format(self.__mod.__name__, attr))
+        return getattr(self.__mod, attr)
+
+
+utility_builtins['string'] = _AttributeDelegator(string, "Formatter")
 utility_builtins['math'] = math
 utility_builtins['random'] = random
 utility_builtins['whrandom'] = random

RestrictedPython/compile.py

@@ -1,11 +1,11 @@
-import ast
-import warnings
 from collections import namedtuple
-
 from RestrictedPython._compat import IS_CPYTHON
 from RestrictedPython._compat import IS_PY2
 from RestrictedPython.transformer import RestrictingNodeTransformer
 
+import ast
+import warnings
+
 
 CompileResult = namedtuple(
     'CompileResult', 'code, errors, warnings, used_names')

RestrictedPython/transformer.py

@@ -22,16 +22,16 @@ the parsed python code to create a modified AST for a byte code generation.
 # http://docs.plone.org/develop/styleguide/python.html
 
 
-import ast
-import contextlib
-import textwrap
-
 from ._compat import IS_PY2
 from ._compat import IS_PY3
 from ._compat import IS_PY34_OR_GREATER
 from ._compat import IS_PY35_OR_GREATER
 from ._compat import IS_PY38_OR_GREATER
 
+import ast
+import contextlib
+import textwrap
+
 
 # For AugAssign the operator must be converted to a string.
 IOPERATOR_TO_STR = {
@@ -77,6 +77,32 @@ FORBIDDEN_FUNC_NAMES = frozenset([
     'breakpoint',
 ])
 
+# inspect attributes. See also
+# https://docs.python.org/3/library/inspect.html
+INSPECT_ATTRIBUTES = frozenset([
+    # traceback
+    "tb_frame",
+    "tb_next",
+    # code
+    "co_code",
+    # frame
+    "f_back",
+    "f_builtins",
+    "f_code",
+    "f_globals",
+    "f_locals",
+    "f_trace",
+    # generator
+    "gi_frame",
+    "gi_code",
+    "gi_yieldfrom",
+    # coroutine
+    "cr_await",
+    "cr_frame",
+    "cr_code",
+    "cr_origin",
+])
+
 
 # When new ast nodes are generated they have no 'lineno' and 'col_offset'.
 # This function copies these two fields from the incoming node
@@ -923,6 +949,14 @@ class RestrictingNodeTransformer(ast.NodeTransformer):
                 '"{name}" is an invalid attribute name because it ends '
                 'with "__roles__".'.format(name=node.attr))
 
+        if node.attr in INSPECT_ATTRIBUTES:
+            msg = ('"%s" is a restricted name,'
+                   ' that is forbidden to access in RestrictedPython.')
+            self.error(
+                node,
+                msg % node.attr,
+            )
+
         if isinstance(node.ctx, ast.Load):
             node = self.node_contents_visit(node)
             new_node = ast.Call(

{RestrictedPython-5.3a1.dev0.dist-info → RestrictedPython-5.4.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: RestrictedPython
-Version: 5.3a1.dev0
+Version: 5.4
 Summary: RestrictedPython is a defined subset of the Python language which allows to provide a program input into a trusted environment.
 Home-page: https://github.com/zopefoundation/RestrictedPython
 Author: Zope Foundation and Contributors
@@ -10,7 +10,6 @@ Project-URL: Documentation, https://restrictedpython.readthedocs.io/
 Project-URL: Source, https://github.com/zopefoundation/RestrictedPython
 Project-URL: Tracker, https://github.com/zopefoundation/RestrictedPython/issues
 Keywords: restricted execution security untrusted code
-Platform: UNKNOWN
 Classifier: Development Status :: 6 - Mature
 Classifier: License :: OSI Approved :: Zope Public License
 Classifier: Programming Language :: Python
@@ -26,7 +25,7 @@ Classifier: Programming Language :: Python :: 3.9
 Classifier: Programming Language :: Python :: 3.10
 Classifier: Programming Language :: Python :: Implementation :: CPython
 Classifier: Topic :: Security
-Requires-Python: >=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, <3.12
+Requires-Python: >=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, <3.11
 Description-Content-Type: text/x-rst
 License-File: LICENSE.txt
 Provides-Extra: docs
@@ -120,11 +119,23 @@ This example directly executed in Python could harm your system.
 Changes
 =======
 
-5.3a1.dev0 (2022-04-13)
------------------------
+5.4 (2023-08-30)
+----------------
+
+Fixes
++++++
+
+- Fix information disclosure problems through
+  Python's "format" functionality
+  (``format`` and ``format_map`` methods on ``str``/``unicode`` and
+  their instances,
+  ``string.Formatter``).
 
-- Allow to use the package with Python 3.11 -- Caution: No security audit has
-  been done so far.
+
+5.3 (2023-07-08)
+----------------
+
+- Forbid using some attributes providing access to restricted Python internals.
 
 
 5.2 (2021-11-19)
@@ -364,5 +375,3 @@ Bug fixes
 
 - Corresponds to the verison of the RestrictedPython package shipped
   as part of the Zope X3.0.0 release.
-
-

RestrictedPython-5.4.dist-info/RECORD

@@ -0,0 +1,14 @@
+RestrictedPython/Eval.py,sha256=Aoe0YPXAmaY2DcTAycV76mXMtY7AyrvrHZk5pW6t4-4,3345
+RestrictedPython/Guards.py,sha256=TXAXFqwA5M1IPE_eTViyNMOJuDMWF2HPfbB6SWYjwKQ,8143
+RestrictedPython/Limits.py,sha256=dORpuly21vSjy8gzNac9IYfIXMMWRVFvqUiKKIeZ3OM,1866
+RestrictedPython/PrintCollector.py,sha256=jFXjgp8WLj4mEkojEBn5EH0CbpVxVL7qkPq-9czTsgg,1183
+RestrictedPython/Utilities.py,sha256=NpWDdA0H5GrxB8Ljtx4zv_0Xj89gJjXeB_kW6pisijc,2967
+RestrictedPython/__init__.py,sha256=qB_s6zDxuXPAGMoKYKBMc-xZ0gTnQ0ZvtY5FxdAG3aM,1862
+RestrictedPython/_compat.py,sha256=0yS5CXqTswBoH0iNYFGYzpWv-VFLYiZPPaOJS70Ji6Q,713
+RestrictedPython/compile.py,sha256=vQkXBUDTC4Ng_gX5lGK9AVp61yvy8VdKv9xEamdtv9I,6920
+RestrictedPython/transformer.py,sha256=T9tzDZW8NrkCvG78HzlB9KRbgQztAckAFeCmDoc27Yk,50038
+RestrictedPython-5.4.dist-info/LICENSE.txt,sha256=PmcdsR32h1FswdtbPWXkqjg-rKPCDOo_r1Og9zNdCjw,2070
+RestrictedPython-5.4.dist-info/METADATA,sha256=0hQNUC2lZ3PEr2MIGNeQ9M8c_ZTgbsBpkuIQ4jrSO30,11509
+RestrictedPython-5.4.dist-info/WHEEL,sha256=m9WAupmBd2JGDsXWQGJgMGXIWbQY3F5c2xBJbBhq0nY,110
+RestrictedPython-5.4.dist-info/top_level.txt,sha256=E1-3ARWcduVJnQAScms0FgqnBx_PovrzYsNMYuLGwa0,17
+RestrictedPython-5.4.dist-info/RECORD,,

{RestrictedPython-5.3a1.dev0.dist-info → RestrictedPython-5.4.dist-info}/WHEEL

@@ -1,5 +1,5 @@
 Wheel-Version: 1.0
-Generator: bdist_wheel (0.37.1)
+Generator: bdist_wheel (0.41.1)
 Root-Is-Purelib: true
 Tag: py2-none-any
 Tag: py3-none-any

RestrictedPython-5.3a1.dev0.dist-info/RECORD

@@ -1,14 +0,0 @@
-RestrictedPython/Eval.py,sha256=oV0hkMJsXGnNEIjEbVkVj69uuhL9G5BgfTfQy-tHx6A,3345
-RestrictedPython/Guards.py,sha256=qFF0tgfZBkx3wFxAEljnorItuuUzXR1ue40fbimqP8k,8033
-RestrictedPython/Limits.py,sha256=dORpuly21vSjy8gzNac9IYfIXMMWRVFvqUiKKIeZ3OM,1866
-RestrictedPython/PrintCollector.py,sha256=jFXjgp8WLj4mEkojEBn5EH0CbpVxVL7qkPq-9czTsgg,1183
-RestrictedPython/Utilities.py,sha256=55M4T7k59Zugkf0Tt_kOddITLajxEobD9Hq0kJEmSMQ,2505
-RestrictedPython/__init__.py,sha256=qB_s6zDxuXPAGMoKYKBMc-xZ0gTnQ0ZvtY5FxdAG3aM,1862
-RestrictedPython/_compat.py,sha256=0yS5CXqTswBoH0iNYFGYzpWv-VFLYiZPPaOJS70Ji6Q,713
-RestrictedPython/compile.py,sha256=L5s5y1ZRo3DvKYqpjEbPt7Jm78sqEbeVlcc6m_NqWR0,6920
-RestrictedPython/transformer.py,sha256=QgQnESMhulAznEs99kt4DHcf_Q-fWco-lkmMxbh9WVg,49337
-RestrictedPython-5.3a1.dev0.dist-info/LICENSE.txt,sha256=PmcdsR32h1FswdtbPWXkqjg-rKPCDOo_r1Og9zNdCjw,2070
-RestrictedPython-5.3a1.dev0.dist-info/METADATA,sha256=2CUPDTQt4Iaj9dVH152WDfmw1r_eDOZV6npF3X4JbJQ,11326
-RestrictedPython-5.3a1.dev0.dist-info/WHEEL,sha256=z9j0xAa_JmUKMpmz72K0ZGALSM_n-wQVmGbleXx2VHg,110
-RestrictedPython-5.3a1.dev0.dist-info/top_level.txt,sha256=E1-3ARWcduVJnQAScms0FgqnBx_PovrzYsNMYuLGwa0,17
-RestrictedPython-5.3a1.dev0.dist-info/RECORD,,