The pickle receiver is vulnerable to injection of arbitrarily pickled objects
Bug #817247 reported by Dave Rawks
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
Graphite | Fix Committed | Undecided | Unassigned | |
Bug Description
The picklereceiver should require some sort of authentication to ensure that only trusted receivers can send pickle objects AND/OR the deserialization of pickle objects should be somehow sanitized to prevent arbitrary class objects from being called.
example:
http://
Information type: Private Security → Public Security
I've added a new USE_INSECURE_UNPICKLER option to carbon.conf, it defaults to False, so the default implementation now is basically the implementation from http://nadiana.com/python-pickle-insecure
I left the insecure version as an option because it is faster. Also note that not using the insecure unpickler does not imply that the unpickler you get is secure! There are various vulnerabilities in the pickle protocol beyond just calling os.system.
If you install 0.9.9 and see a performance regression you might consider explicitly setting USE_INSECURE_UNPICKLER = True.
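The allowlisting approach discussed in the comment above, as an added illustration that is not Graphite's own code: an unpickler that refuses any global reference, followed by a shape check on the result. The names `RestrictedUnpickler`, `SAFE_GLOBALS`, `valid_point` and `receive` are hypothetical, and the `(metric, (timestamp, value))` datapoint shape is an assumption about the payload.

```python
import io
import os
import pickle

# Assumption: a metrics payload needs no globals at all, so the allowlist is empty.
SAFE_GLOBALS = set()


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that refuses every global not on the allowlist."""

    def find_class(self, module, name):
        if (module, name) not in SAFE_GLOBALS:
            raise pickle.UnpicklingError(
                "global %s.%s is not allowed" % (module, name))
        return super().find_class(module, name)


def valid_point(item):
    """True for (metric, (timestamp, value)) with a str and two numbers."""
    try:
        metric, (timestamp, value) = item
    except (TypeError, ValueError):
        return False
    return isinstance(metric, str) and all(
        isinstance(n, (int, float)) for n in (timestamp, value))


def receive(payload):
    """Return (datapoints, None) or (None, reason) for a rejected payload."""
    try:
        data = RestrictedUnpickler(io.BytesIO(payload)).load()
    except Exception as exc:  # malformed pickles raise many exception types
        return None, str(exc)
    if not isinstance(data, list) or not all(valid_point(i) for i in data):
        return None, "malformed datapoint list"
    return data, None


if __name__ == "__main__":
    # Constructed payloads: one plain datapoint list, one reference to a global.
    good = pickle.dumps([("servers.web01.load", (1311800000, 0.42))], protocol=2)
    bad = pickle.dumps(os.getcwd)  # harmless callable, still a global reference
    print(receive(good))
    print(receive(bad))
```

Restricting `find_class` only controls which globals a payload can resolve; the shape check and an authenticated, network-restricted listener are still needed, since the unpickler also spends memory and CPU on whatever it is fed.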