Subject: Re: Sanitise user input for a script
From: Simon Connah
Newsgroups: comp.lang.python
Date: Sat, 31 Aug 2024 04:49 UTC
References: 1 2 3
Attachments: "signature.asc" (application/pgp-signature)

On Friday, 30 August 2024 at 23:35, Thomas Passin via Python-list <python-list@python.org> wrote:

> On 8/30/2024 3:18 PM, Simon Connah via Python-list wrote:
>
> > I need to write a script that will take some user input (supplied on a website) and then execute a Python script on a host via SSH. I'm curious what the best options are for protecting against malicious input in much the same way as you sanitise SQL to protect against SQL injections.
>
> You should never, never, never "sanitize" SQL. Use prepared statements
> instead.

Yes. Sorry. I forgot what it was called and accidentally called it sanitising instead, but I'm using prepared statements in psycopg 3 for SQL.

> What kind of user input do you expect to get that would need to be
> "sanitized"? How are you going to use it such that malicious input might
> cause trouble? I hope you aren't planning to exec() it. Are you
> expecting a user to send in a script and your server will execute it?
> Better read up on sandboxing, then.

No. I'm not planning on exec()ing a random script. I have a prepared Python script which configures various things. The web server connects to the server via SSH and runs my Python script, which then runs commands like bhyve (FreeBSD), and it also does things like configure the firewall config file to change firewall rules. The customer has no direct access to the Python script.

In terms of arguments, the script that deals with bhyve, for instance, takes arguments such as CPU count and RAM amount.

> If you won't be exec()ing a script, then you can consider creating an
> API where each method of the API can only do limited things, and only
> with certain parameters, not all of them. The SSH message can include
> the name of the method to use.
>
> And follow what Peter Holzer wrote. Don't forget that quoting practices
> are not the same between Windows and Linux.

Thank you. I'll look into this. Makes sense.

> > I could do it either on the website itself or by doing it on the host machine.
> >
> > I'm thinking of using argparse but I'm aware it does not offer any protection itself.
> >
> > If someone has any suggestions I'd appreciate it. If you need more information then please let me know.
> >
> > Simon.
>
> --
> https://mail.python.org/mailman/listinfo/python-list
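As an added example (not code from the thread or from Simon's project), here is one way to give the web tier the allowlisted-API shape Thomas describes: the method name and each parameter are checked against a fixed table before anything is turned into an SSH command, and the remote command is quoted for the POSIX shell on the FreeBSD host. The script paths, method names and parameter bounds are assumptions.

```python
import re
import shlex

def _bounded_int(lo, hi):
    """Validator: unsigned decimal integer (int or form-field string) within lo..hi."""
    def check(value):
        if isinstance(value, int) and not isinstance(value, bool):
            n = value
        elif isinstance(value, str) and re.fullmatch(r"[0-9]{1,9}", value):
            n = int(value)
        else:
            raise ValueError("unsigned decimal integer required")
        if not lo <= n <= hi:
            raise ValueError(f"value must be within {lo}..{hi}")
        return n
    return check

# The allowlisted "API": each method names one fixed remote script and the only
# parameters it accepts, each with a validator. Script paths are hypothetical.
API = {
    "create_vm": {
        "script": "/usr/local/libexec/provision/create_vm.py",
        "params": {"cpus": _bounded_int(1, 16), "ram_mb": _bounded_int(256, 65536)},
    },
    "open_port": {
        "script": "/usr/local/libexec/provision/firewall.py",
        "params": {"port": _bounded_int(1, 65535)},
    },
}

def build_remote_argv(method, args):
    """Map (method name, user-supplied args) to the remote script's argv, or raise."""
    spec = API.get(method)
    if spec is None:
        raise ValueError(f"unknown method {method!r}")
    if set(args) != set(spec["params"]):
        raise ValueError("parameter names do not match the method's signature")
    argv = [spec["script"]]
    for name, validate in spec["params"].items():
        argv.append(f"--{name}={validate(args[name])}")
    return argv

def ssh_command(host, method, args):
    """Local argv for subprocess.run(..., shell=False); host is operator config."""
    # ssh hands the remote command to the remote login shell as one string, so each
    # element is quoted for POSIX sh (the FreeBSD host in the thread, not Windows).
    remote = " ".join(shlex.quote(a) for a in build_remote_argv(method, args))
    return ["ssh", "-o", "BatchMode=yes", host, remote]
```

The web tier never forwards free text: only values that pass a validator reach the argv, so the remote script's argparse sees exactly the flags the table allows.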
