Python Security

Taint Mode For Python

Sun, 25 Jul 2010 13:24:25 -0400

Juanjo Conti has done some fantastic work for OWASP implementing a taint mode in Python through a library. Taint mode is a language feature which can highlight injection flaws by tracing untrusted user input through the code by tracking the “taintedness” of variables. In taint mode, developers identify untrusted inputs, sanitization functions, and sensitive sinks. User input variables are initially marked as tainted, and the taintedness will be propagated as new variables are created based on already tainted variables. Tainted variables can be sanitized, after which they will be marked as untainted. Taint mode will prevent tainted data from going to identified sensitive sinks such as an interpreter or browser.

Sounds simple enough, but the real power here is in the propagation of taint information. As just one example, if you concatenate a tainted variable with an untainted variable, the result will be tainted. In this way the taintedness can traced through the program from the source to the sink.

Previous taint mode implementations required modifying the interpreter. Juanjo has done it in a library by implementing subclasses of the primitive datatypes that allows for propagation of taint information. This comes at the cost of needing to modify the application code, but the decorators and shortcuts Juanjo provides makes it easy.

Juanjo presented at OWASP App Sec 2010 in Stockholm. You can read or watch his presentation online. The source code for the library is available here.

More information about taint mode can be found on the PythonSecurity.org wiki.

Thinking About Using exec? Think Again!

Sun, 18 Jul 2010 11:06:15 -0400

Thinking About Using exec? Think Again!

web2py - A Framework That Cares About Security

Tue, 13 Jul 2010 12:59:44 -0400

A huge round of applause is in order for web2py because they care about security.

The web2py creators clearly kept security in mind from the design phase, and it shows in the end result. web2py is immune to many attacks on session management and routing because those components were designed with security in mind.

This underscores an important aspect of security in any application: Security cannot be tacked on afterwards, it must be built in from the start. While you can add on cryptography or more escaping to an application, preventing attacks on sessions or user management may require redesigning those components.

Check out web2py’s page on PythonSecurity.org for more details specific to web2py.

Cloudsecurity.org Interviews Guido van Rossum: Google App Engine, Python and Security

Tue, 29 Jun 2010 13:28:08 -0400

Cloudsecurity.org Interviews Guido van Rossum: Google App Engine, Python and Security

A Challenge To Break Python Security

Tue, 29 Jun 2010 13:27:49 -0400

A Challenge To Break Python Security