RestrictedPython 7.2a1.dev0__py3-none-any.whl → 7.4__py3-none-any.whl

RestrictedPython/Guards.py

@@ -18,6 +18,7 @@
 import builtins
 
 from RestrictedPython._compat import IS_PY311_OR_GREATER
+from RestrictedPython.transformer import INSPECT_ATTRIBUTES
 
 
 safe_builtins = {}
@@ -239,6 +240,9 @@ def guarded_delattr(object, name):
 safe_builtins['delattr'] = guarded_delattr
 
 
+raise_ = object()
+
+
 def safer_getattr(object, name, default=None, getattr=getattr):
     """Getattr implementation which prevents using format on string objects.
 
@@ -246,22 +250,34 @@ def safer_getattr(object, name, default=None, getattr=getattr):
     http://lucumr.pocoo.org/2016/12/29/careful-with-str-format/
 
     """
+    if type(name) is not str:
+        raise TypeError('type(name) must be str')
     if name in ('format', 'format_map') and (
             isinstance(object, str) or
             (isinstance(object, type) and issubclass(object, str))):
         raise NotImplementedError(
             'Using the format*() methods of `str` is not safe')
+    if name in INSPECT_ATTRIBUTES:
+        raise AttributeError(
+            f'"{name}" is a restricted name,'
+            ' that is forbidden to access in RestrictedPython.')
     if name.startswith('_'):
         raise AttributeError(
             '"{name}" is an invalid attribute name because it '
             'starts with "_"'.format(name=name)
         )
-    return getattr(object, name, default)
+    args = (object, name) + (() if default is raise_ else (default,))
+    return getattr(*args)
 
 
 safe_builtins['_getattr_'] = safer_getattr
 
 
+def safer_getattr_raise(object, name, default=raise_):
+    """like ``safer_getattr`` but raising ``AttributeError`` if failing."""
+    return safer_getattr(object, name, default)
+
+
 def guarded_iter_unpack_sequence(it, spec, _getiter_):
     """Protect sequence unpacking of targets in a 'for loop'.
 

RestrictedPython/Utilities.py

@@ -29,7 +29,11 @@ class _AttributeDelegator:
         if attr in self.__excludes:
             raise NotImplementedError(
                 f"{self.__mod.__name__}.{attr} is not safe")
-        return getattr(self.__mod, attr)
+        try:
+            return getattr(self.__mod, attr)
+        except AttributeError as e:
+            e.obj = self
+            raise
 
 
 utility_builtins['string'] = _AttributeDelegator(string, "Formatter")

RestrictedPython/_compat.py

@@ -3,7 +3,6 @@ import sys
 
 
 _version = sys.version_info
-IS_PY38_OR_GREATER = _version.major == 3 and _version.minor >= 8
 IS_PY310_OR_GREATER = _version.major == 3 and _version.minor >= 10
 IS_PY311_OR_GREATER = _version.major == 3 and _version.minor >= 11
 IS_PY312_OR_GREATER = _version.major == 3 and _version.minor >= 12

RestrictedPython/transformer.py

@@ -22,16 +22,6 @@ import ast
 import contextlib
 import textwrap
 
-from ._compat import IS_PY38_OR_GREATER
-
-
-# Avoid DeprecationWarnings under Python 3.12 and up
-if IS_PY38_OR_GREATER:
-    astStr = ast.Constant
-    astNum = ast.Constant
-else:  # pragma: no cover
-    astStr = ast.Str
-    astNum = ast.Num
 
 # For AugAssign the operator must be converted to a string.
 IOPERATOR_TO_STR = {
@@ -127,16 +117,14 @@ def copy_locations(new_node, old_node):
     assert 'lineno' in new_node._attributes
     new_node.lineno = old_node.lineno
 
-    if IS_PY38_OR_GREATER:
-        assert 'end_lineno' in new_node._attributes
-        new_node.end_lineno = old_node.end_lineno
+    assert 'end_lineno' in new_node._attributes
+    new_node.end_lineno = old_node.end_lineno
 
     assert 'col_offset' in new_node._attributes
     new_node.col_offset = old_node.col_offset
 
-    if IS_PY38_OR_GREATER:
-        assert 'end_col_offset' in new_node._attributes
-        new_node.end_col_offset = old_node.end_col_offset
+    assert 'end_col_offset' in new_node._attributes
+    new_node.end_col_offset = old_node.end_col_offset
 
     ast.fix_missing_locations(new_node)
 
@@ -280,7 +268,7 @@ class RestrictingNodeTransformer(ast.NodeTransformer):
         """
         spec = ast.Dict(keys=[], values=[])
 
-        spec.keys.append(astStr('childs'))
+        spec.keys.append(ast.Constant('childs'))
         spec.values.append(ast.Tuple([], ast.Load()))
 
         # starred elements in a sequence do not contribute into the min_len.
@@ -300,12 +288,12 @@ class RestrictingNodeTransformer(ast.NodeTransformer):
 
             elif isinstance(val, ast.Tuple):
                 el = ast.Tuple([], ast.Load())
-                el.elts.append(astNum(idx - offset))
+                el.elts.append(ast.Constant(idx - offset))
                 el.elts.append(self.gen_unpack_spec(val))
                 spec.values[0].elts.append(el)
 
-        spec.keys.append(astStr('min_len'))
-        spec.values.append(astNum(min_len))
+        spec.keys.append(ast.Constant('min_len'))
+        spec.values.append(ast.Constant(min_len))
 
         return spec
 
@@ -492,9 +480,8 @@ class RestrictingNodeTransformer(ast.NodeTransformer):
             if isinstance(node, ast.Module):
                 _print.lineno = position
                 _print.col_offset = position
-                if IS_PY38_OR_GREATER:
-                    _print.end_lineno = position
-                    _print.end_col_offset = position
+                _print.end_lineno = position
+                _print.end_col_offset = position
                 ast.fix_missing_locations(_print)
             else:
                 copy_locations(_print, node)
@@ -535,63 +522,26 @@ class RestrictingNodeTransformer(ast.NodeTransformer):
 
     # ast for Literals
 
-    if IS_PY38_OR_GREATER:
-
-        def visit_Constant(self, node):
-            """Allow constant literals with restriction for Ellipsis.
-
-            Constant replaces Num, Str, Bytes, NameConstant and Ellipsis in
-            Python 3.8+.
-            :see: https://docs.python.org/dev/whatsnew/3.8.html#deprecated
-            """
-            if node.value is Ellipsis:
-                # Deny using `...`.
-                # Special handling necessary as ``self.not_allowed(node)``
-                # would return the Error Message:
-                # 'Constant statements are not allowed.'
-                # which is only partial true.
-                self.error(node, 'Ellipsis statements are not allowed.')
-                return
-            return self.node_contents_visit(node)
-
-    else:
-
-        def visit_Num(self, node):
-            """Allow integer numbers without restrictions.
-
-            Replaced by Constant in Python 3.8.
-            """
-            return self.node_contents_visit(node)
-
-        def visit_Str(self, node):
-            """Allow string literals without restrictions.
-
-            Replaced by Constant in Python 3.8.
-            """
-            return self.node_contents_visit(node)
+    def visit_Constant(self, node):
+        """Allow constant literals with restriction for Ellipsis.
 
-        def visit_Bytes(self, node):
-            """Allow bytes literals without restrictions.
-
-            Replaced by Constant in Python 3.8.
-            """
-            return self.node_contents_visit(node)
-
-        def visit_Ellipsis(self, node):
-            """Deny using `...`.
-
-            Replaced by Constant in Python 3.8.
-            """
-            return self.not_allowed(node)
-
-        def visit_NameConstant(self, node):
-            """Allow constant literals (True, False, None) without ...
-
-            restrictions.
+        Constant replaces Num, Str, Bytes, NameConstant and Ellipsis in
+        Python 3.8+.
+        :see: https://docs.python.org/dev/whatsnew/3.8.html#deprecated
+        """
+        if node.value is Ellipsis:
+            # Deny using `...`.
+            # Special handling necessary as ``self.not_allowed(node)``
+            # would return the Error Message:
+            # 'Constant statements are not allowed.'
+            # which is only partial true.
+            self.error(node, 'Ellipsis statements are not allowed.')
+            return
+        return self.node_contents_visit(node)
 
-            Replaced by Constant in Python 3.8.
-            """
-            return self.node_contents_visit(node)
+    def visit_Interactive(self, node):
+        """Allow single mode without restrictions."""
+        return self.node_contents_visit(node)
 
     def visit_List(self, node):
         """Allow list literals without restrictions."""
@@ -911,7 +861,7 @@ class RestrictingNodeTransformer(ast.NodeTransformer):
             node = self.node_contents_visit(node)
             new_node = ast.Call(
                 func=ast.Name('_getattr_', ast.Load()),
-                args=[node.value, astStr(node.attr)],
+                args=[node.value, ast.Constant(node.attr)],
                 keywords=[])
 
             copy_locations(new_node, node)
@@ -1115,7 +1065,7 @@ class RestrictingNodeTransformer(ast.NodeTransformer):
                 value=ast.Call(
                     func=ast.Name('_inplacevar_', ast.Load()),
                     args=[
-                        astStr(IOPERATOR_TO_STR[type(node.op)]),
+                        ast.Constant(IOPERATOR_TO_STR[type(node.op)]),
                         ast.Name(node.target.id, ast.Load()),
                         node.value
                     ],

{RestrictedPython-7.2a1.dev0.dist-info → RestrictedPython-7.4.dist-info}/METADATA

@@ -1,10 +1,10 @@
 Metadata-Version: 2.1
 Name: RestrictedPython
-Version: 7.2a1.dev0
+Version: 7.4
 Summary: RestrictedPython is a defined subset of the Python language which allows to provide a program input into a trusted environment.
 Home-page: https://github.com/zopefoundation/RestrictedPython
 Author: Zope Foundation and Contributors
-Author-email: zope-dev@zope.org
+Author-email: zope-dev@zope.dev
 License: ZPL 2.1
 Project-URL: Documentation, https://restrictedpython.readthedocs.io/
 Project-URL: Source, https://github.com/zopefoundation/RestrictedPython
@@ -15,23 +15,23 @@ Classifier: License :: OSI Approved :: Zope Public License
 Classifier: Programming Language :: Python
 Classifier: Operating System :: OS Independent
 Classifier: Programming Language :: Python :: 3
-Classifier: Programming Language :: Python :: 3.7
 Classifier: Programming Language :: Python :: 3.8
 Classifier: Programming Language :: Python :: 3.9
 Classifier: Programming Language :: Python :: 3.10
 Classifier: Programming Language :: Python :: 3.11
 Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
 Classifier: Programming Language :: Python :: Implementation :: CPython
 Classifier: Topic :: Security
-Requires-Python: >=3.7, <3.14
+Requires-Python: >=3.8, <3.14
 Description-Content-Type: text/x-rst
 License-File: LICENSE.txt
 Provides-Extra: docs
-Requires-Dist: Sphinx ; extra == 'docs'
-Requires-Dist: sphinx-rtd-theme ; extra == 'docs'
+Requires-Dist: Sphinx; extra == "docs"
+Requires-Dist: furo; extra == "docs"
 Provides-Extra: test
-Requires-Dist: pytest ; extra == 'test'
-Requires-Dist: pytest-mock ; extra == 'test'
+Requires-Dist: pytest; extra == "test"
+Requires-Dist: pytest-mock; extra == "test"
 
 .. image:: https://github.com/zopefoundation/RestrictedPython/actions/workflows/tests.yml/badge.svg
     :target: https://github.com/zopefoundation/RestrictedPython/actions/workflows/tests.yml
@@ -124,11 +124,39 @@ the documentation `Contributing page
 Changes
 =======
 
-7.2a1.dev0 (2024-03-14)
------------------------
+7.4 (2024-10-09)
+----------------
+
+- Allow to use the package with Python 3.13.
+
+- Drop support for Python 3.7.
+
+- Provide new function ``RestrictedPython.Guards.safer_getattr_raise``.
+  It is similar to ``safer_getattr`` but handles its parameter
+  ``default`` like ``getattr``, i.e. it raises ``AttributeError``
+  if the attribute lookup fails and this parameter is not provided,
+  fixes `#287 <https://github.com/zopefoundation/RestrictedPython/issues/287>`_.
+
+
+7.3 (2024-09-30)
+----------------
+
+- Increase the safety level of ``safer_getattr`` allowing applications to use
+  it as ``getattr`` implementation. Such use should now follow the same policy
+  and give the same level of protection as direct attribute access in an
+  environment based on ``RestrictedPython``'s ``safe_builtints``.
+- Prevent information leakage via ``AttributeError.obj``
+  and the ``string`` module. (CVE-2024-47532)
+
+
+7.2 (2024-08-02)
+----------------
 
-- Allow to use the package with Python 3.13 -- Caution: No security
-  audit has been done so far.
+- Remove unneeded setuptools fossils that may cause installation problems
+  with recent setuptools versions.
+- Add support for single mode statements / execution.
+- Fix a potential breakout capability in the provided ``safer_getattr`` method
+  that is part of the ``safer_builtins``.
 
 
 7.1 (2024-03-14)

RestrictedPython-7.4.dist-info/RECORD

@@ -0,0 +1,14 @@
+RestrictedPython/Eval.py,sha256=pa79tc-JsT7xfzwg0ceMkxyioIEnFbNHc_PsKUhkkj8,3201
+RestrictedPython/Guards.py,sha256=Ls4eJa94nj6z6L65faEBCX8m7dHr3iF4n8-HlFpMniE,8217
+RestrictedPython/Limits.py,sha256=dORpuly21vSjy8gzNac9IYfIXMMWRVFvqUiKKIeZ3OM,1866
+RestrictedPython/PrintCollector.py,sha256=bBCpnUPOuKz1wJDuSgh7wo2aoKfcTJeeT8OYnM-K9F8,1137
+RestrictedPython/Utilities.py,sha256=u4HUdyjGawaeHyXSakyt4gRT17BZietXnF5WqicujjE,3033
+RestrictedPython/__init__.py,sha256=qB_s6zDxuXPAGMoKYKBMc-xZ0gTnQ0ZvtY5FxdAG3aM,1862
+RestrictedPython/_compat.py,sha256=2Mew5xHBB0Lg3YfhbFyTdOSt4TQCWnEBGQ1SNFeR8a0,318
+RestrictedPython/compile.py,sha256=IhcF733t-bkPcvfQ2_NyBeCbSIPtHYxR-GQNNHnaMHM,6727
+RestrictedPython/transformer.py,sha256=qpvsswxFDkVTra48qxQivnAbBoVdmEVLgdDKCwwt2cI,41418
+RestrictedPython-7.4.dist-info/LICENSE.txt,sha256=PmcdsR32h1FswdtbPWXkqjg-rKPCDOo_r1Og9zNdCjw,2070
+RestrictedPython-7.4.dist-info/METADATA,sha256=oU8AXsXRUKtaYTnteX0ulTyVZQVM2gQBdXeRDGwKLHg,13448
+RestrictedPython-7.4.dist-info/WHEEL,sha256=Mdi9PDNwEZptOjTlUcAth7XJDFtKrHYaQMPulZeBCiQ,91
+RestrictedPython-7.4.dist-info/top_level.txt,sha256=E1-3ARWcduVJnQAScms0FgqnBx_PovrzYsNMYuLGwa0,17
+RestrictedPython-7.4.dist-info/RECORD,,

{RestrictedPython-7.2a1.dev0.dist-info → RestrictedPython-7.4.dist-info}/WHEEL

@@ -1,5 +1,5 @@
 Wheel-Version: 1.0
-Generator: bdist_wheel (0.42.0)
+Generator: setuptools (73.0.1)
 Root-Is-Purelib: true
 Tag: py3-none-any
 

RestrictedPython-7.2a1.dev0.dist-info/RECORD

@@ -1,14 +0,0 @@
-RestrictedPython/Eval.py,sha256=pa79tc-JsT7xfzwg0ceMkxyioIEnFbNHc_PsKUhkkj8,3201
-RestrictedPython/Guards.py,sha256=XXupE0TwcWdb6qAsSexWUYEIeT3bVLTdOVvn94eoqs0,7646
-RestrictedPython/Limits.py,sha256=dORpuly21vSjy8gzNac9IYfIXMMWRVFvqUiKKIeZ3OM,1866
-RestrictedPython/PrintCollector.py,sha256=bBCpnUPOuKz1wJDuSgh7wo2aoKfcTJeeT8OYnM-K9F8,1137
-RestrictedPython/Utilities.py,sha256=7R6Op1Oqw9-fSxy_eWVa6ioZPx-SAxa7OolDObTWRkU,2937
-RestrictedPython/__init__.py,sha256=qB_s6zDxuXPAGMoKYKBMc-xZ0gTnQ0ZvtY5FxdAG3aM,1862
-RestrictedPython/_compat.py,sha256=nacdAJi4E8GKhkR99_BAxMA0AtK2FQnvrqZbG8hGofc,383
-RestrictedPython/compile.py,sha256=IhcF733t-bkPcvfQ2_NyBeCbSIPtHYxR-GQNNHnaMHM,6727
-RestrictedPython/transformer.py,sha256=AsPDuEN42OrBZBDtDCOFcWssNZrvm8PBGku8IvREXFg,42766
-RestrictedPython-7.2a1.dev0.dist-info/LICENSE.txt,sha256=PmcdsR32h1FswdtbPWXkqjg-rKPCDOo_r1Og9zNdCjw,2070
-RestrictedPython-7.2a1.dev0.dist-info/METADATA,sha256=V23yHfhhH7oSZr2ClO4fp6hkl0XVT5Xr1bveMPANdfw,12397
-RestrictedPython-7.2a1.dev0.dist-info/WHEEL,sha256=oiQVh_5PnQM0E3gPdiz09WCNmwiHDMaGer_elqB3coM,92
-RestrictedPython-7.2a1.dev0.dist-info/top_level.txt,sha256=E1-3ARWcduVJnQAScms0FgqnBx_PovrzYsNMYuLGwa0,17
-RestrictedPython-7.2a1.dev0.dist-info/RECORD,,