The code below constructs a class Protected with private keys and __getitem__ methods and shows how to call these methods indirectly from untrusted code:
from AccessControl.tests.testZopeGuards import TestActualPython
t = TestActualPython("testPython")
from AccessControl.class_init import InitializeClass
from AccessControl.SecurityInfo import ClassSecurityInfo
from ExtensionClass import Base
class Protected(Base):
security = ClassSecurityInfo()
@security.private
def keys(self):
return (1, 2, 3)
@security.private
def __getitem__(self, key):
return key
InitializeClass(Protected)
protected = Protected()
access_code="""\
d = {}
d.update(protected)
assert d == {1:1, 2:2, 3:3}
"""
code, g = t._compile_str(access_code, __name__)
g["protected"] = protected
exec(code, g)The same likely applies to many "special" methods called implicitly by Python (such as __bool__, __index__, __iter__, ...) or methods of Python types. The example above uses dict.update; similar unprotected access is likely possible with list.extend (using __iter__ without protection).
The code below constructs a class
Protectedwith privatekeysand__getitem__methods and shows how to call these methods indirectly from untrusted code:The same likely applies to many "special" methods called implicitly by Python (such as
__bool__,__index__,__iter__, ...) or methods of Python types. The example above usesdict.update; similar unprotected access is likely possible withlist.extend(using__iter__without protection).