Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Re: remote read eval print loop
33 views
Skip to first unread message
Chris Angelico
Aug 16, 2012, 6:43:50 PM8/16/12
to pytho...@python.org
On Fri, Aug 17, 2012 at 6:54 AM, Eric Frederich
<eric.fr...@gmail.com> wrote:
> Hello,
>
> I have a bunch of Python bindings for a 3rd party software running on the
> server side.
> I can add client side extensions that communicate over some http / xml type
> requests.
> So I can define functions that take a string and return a string.
> I would like to get a simple read eval print loop working.
Let's stop *right there*. You're looking for something that will run
on your server, take strings of text from a remote computer, and eval
them.
Please, please, please, on behalf of every systems administrator in
the world I beg you, please do not do this.
Instead, define your own high-level protocol and have your server
respond to that. One excellent way to keep things tidy is to use a
'command, parameters, newline' model: each line of text is one
instruction, consisting of a command word, then optionally parameters
after a space, then a newline. It's easy to debug, easy to read in
your code, and makes sense to anyone who's used a command-line
interface.
Six months from now, when your server still hasn't been compromised,
you'll appreciate the extra design effort :)
Chris Angelico
<eric.fr...@gmail.com> wrote:
> Hello,
>
> I have a bunch of Python bindings for a 3rd party software running on the
> server side.
> I can add client side extensions that communicate over some http / xml type
> requests.
> So I can define functions that take a string and return a string.
> I would like to get a simple read eval print loop working.
Let's stop *right there*. You're looking for something that will run
on your server, take strings of text from a remote computer, and eval
them.
Please, please, please, on behalf of every systems administrator in
the world I beg you, please do not do this.
Instead, define your own high-level protocol and have your server
respond to that. One excellent way to keep things tidy is to use a
'command, parameters, newline' model: each line of text is one
instruction, consisting of a command word, then optionally parameters
after a space, then a newline. It's easy to debug, easy to read in
your code, and makes sense to anyone who's used a command-line
interface.
Six months from now, when your server still hasn't been compromised,
you'll appreciate the extra design effort :)
Chris Angelico
Steven D'Aprano
Aug 16, 2012, 10:27:42 PM8/16/12
to
On Fri, 17 Aug 2012 08:43:50 +1000, Chris Angelico wrote:
> On Fri, Aug 17, 2012 at 6:54 AM, Eric Frederich
> <eric.fr...@gmail.com> wrote:
>> Hello,
>>
>> I have a bunch of Python bindings for a 3rd party software running on
>> the server side.
>> I can add client side extensions that communicate over some http / xml
>> type requests.
>> So I can define functions that take a string and return a string. I
>> would like to get a simple read eval print loop working.
>
> Let's stop *right there*. You're looking for something that will run on
> your server, take strings of text from a remote computer, and eval them.
>
> Please, please, please, on behalf of every systems administrator in the
> world I beg you, please do not do this.
>
> Instead, define your own high-level protocol
Stop right there!
> On Fri, Aug 17, 2012 at 6:54 AM, Eric Frederich
> <eric.fr...@gmail.com> wrote:
>> Hello,
>>
>> I have a bunch of Python bindings for a 3rd party software running on
>> the server side.
>> I can add client side extensions that communicate over some http / xml
>> type requests.
>> So I can define functions that take a string and return a string. I
>> would like to get a simple read eval print loop working.
>
> Let's stop *right there*. You're looking for something that will run on
> your server, take strings of text from a remote computer, and eval them.
>
> Please, please, please, on behalf of every systems administrator in the
> world I beg you, please do not do this.
>
> Instead, define your own high-level protocol
There is already awesome protocols for running Python code remotely over
a network. Please do not re-invent the wheel without good reason.
See pyro, twisted, rpyc, rpclib, jpc, and probably many others.
--
Steven
Alister
Aug 17, 2012, 2:38:26 AM8/17/12
to
Do NOT blindly eval data sent from a remote computer as is cannot be
trusted. This of course is assuming they are not on a secure connection,
but even then it is good practice as not all attacks come from outside.
although i have to agree with you about not re-inventing wheels, they
invariably come out square :-)
--
<Kensey> RMS for President???
<RelDrgn> ...or ESR, he wants a new job ;)
Chris Angelico
Aug 17, 2012, 3:25:31 AM8/17/12
to pytho...@python.org
On Fri, Aug 17, 2012 at 12:27 PM, Steven D'Aprano
<steve+comp....@pearwood.info> wrote:
> There is already awesome protocols for running Python code remotely over
> a network. Please do not re-invent the wheel without good reason.
>
> See pyro, twisted, rpyc, rpclib, jpc, and probably many others.
But they're all tools for building protocols. I like to make
<steve+comp....@pearwood.info> wrote:
> There is already awesome protocols for running Python code remotely over
> a network. Please do not re-invent the wheel without good reason.
>
> See pyro, twisted, rpyc, rpclib, jpc, and probably many others.
line-based protocols that don't need middle-layers, you might like to
use RPC, doesn't matter; either way, neither of us is sending
untrusted code across the internet and executing it.
By all means, use pyro instead of plain sockets to build your
protocol; you still don't need a read/eval/print loop to run across a
network.
Personally, I'm of the opinion that simple text-based protocols are
usually sufficient, and much easier to debug - heavier things like RPC
tend to be overkill. But as Alister pointed out, my main point was not
about the details of how you design your protocol.
ChrisA
rusi
Aug 17, 2012, 7:09:40 AM8/17/12
to
On Aug 17, 12:25 pm, Chris Angelico <ros...@gmail.com> wrote:
> On Fri, Aug 17, 2012 at 12:27 PM, Steven D'Aprano
>
> On Fri, Aug 17, 2012 at 12:27 PM, Steven D'Aprano
>
> <steve+comp.lang.pyt...@pearwood.info> wrote:
> > There is already awesome protocols for running Python code remotely over
> > a network. Please do not re-invent the wheel without good reason.
>
> > See pyro, twisted, rpyc, rpclib, jpc, and probably many others.
>
> But they're all tools for building protocols. I like to make
> line-based protocols
Dont know if this is relevant. If it is, its more in the heavyweight
> > There is already awesome protocols for running Python code remotely over
> > a network. Please do not re-invent the wheel without good reason.
>
> > See pyro, twisted, rpyc, rpclib, jpc, and probably many others.
>
> But they're all tools for building protocols. I like to make
> line-based protocols
direction.
Anyway just saw this book yesterday
http://springpython.webfactional.com/node/39
Chris Angelico
Aug 17, 2012, 10:06:14 AM8/17/12
to pytho...@python.org
On Fri, Aug 17, 2012 at 11:28 PM, Eric Frederich
<eric.fr...@gmail.com> wrote:
> Within the debugging console, after importing all of the bindings, there
> would be no reason to import anything whatsoever.
> With just the bindings I created and the Python language we could do
> meaningful debugging.
> So if I block the ability to do any imports and calls to eval I should be
> safe right?
Nope. Python isn't a secured language in that way. I tried the same
sort of thing a while back, but found it effectively impossible. (And
this after people told me "It's not possible, don't bother trying". I
tried anyway. It wasn't possible.)
If you really want to do that, consider it equivalent to putting an
open SSH session into your debugging console. Would you give that much
power to your application's users? And if you would, is it worth
reinventing SSH?
ChrisA
<eric.fr...@gmail.com> wrote:
> Within the debugging console, after importing all of the bindings, there
> would be no reason to import anything whatsoever.
> With just the bindings I created and the Python language we could do
> meaningful debugging.
> So if I block the ability to do any imports and calls to eval I should be
> safe right?
Nope. Python isn't a secured language in that way. I tried the same
sort of thing a while back, but found it effectively impossible. (And
this after people told me "It's not possible, don't bother trying". I
tried anyway. It wasn't possible.)
If you really want to do that, consider it equivalent to putting an
open SSH session into your debugging console. Would you give that much
power to your application's users? And if you would, is it worth
reinventing SSH?
ChrisA
0 new messages