3

In Python its possible to compile a Python script without executing (using py_compile module, Py_CompileString in C).

A lot is written on issues attempting to sand-box CPython (and how difficult it is), however, I'm interested to know if there are known security risks in compiling CPython code (without executing its contents).

Put differently, are there known security rests with running:

python -m py_compile file_from_unknown_source.py

In this case a bad actor may be able to find exploits in the parser or byte-code generator, my question is regarding this and if there are known exploits to do such a task, or if this is generally considered safe.

For the purpose of this question, safe means:

  • Not be able to run arbitrary Python code or shell commands.
  • Not be able to delete, create or access files
    (besides the compiled pyc of course).
  • Not be able to use the network connection on the system.

In short, not do anything besides compiling the code, or failing to compile with invalid input.

ideasman42
  • 42,413
  • 44
  • 197
  • 320

1 Answers1

0

No, it is not safe. CPython has lots of known bugs that lead to stack overflows and other nasty conditions. A SIGSEGV should be considered potentially exploitable.

Antti Haapala -- Слава Україні
  • 129,958
  • 22
  • 279
  • 321