Skip to content

Whitelist argparse and getopt as safe modules #142

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
crowcreation wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Whitelist argparse and getopt as safe modules #142

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 5 additions & 2 deletions src/dippy/cli/python.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -98,6 +98,11 @@
"html",
"html.parser",
"html.entities",
# Argv parsing (pure string processing; sys.exit/--help to stdout is
# part of the CLI contract, not a security concern — print is already
# whitelisted, and termination is not in the threat model).
"argparse",
"getopt",
}
)

Expand Down Expand Up @@ -205,8 +210,6 @@
"cmd",
"shlex",
"getpass",
"getopt",
"argparse", # Can sys.exit
"logging", # Can write to files
"atexit",
# CGI (Bandit B412: httpoxy vulnerabilities)
Expand Down
28 changes: 28 additions & 0 deletions tests/cli/test_python.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -125,6 +125,34 @@ class Person:
result = check(f"python {script}")
assert is_approved(result), "Dataclass script should be approved"

def test_safe_script_argparse_approved(self, check, tmp_path):
"""Script using argparse should be approved (pure argv parsing)."""
script = tmp_path / "argparse_script.py"
script.write_text("""
import argparse

parser = argparse.ArgumentParser(description="Demo")
parser.add_argument("--count", type=int, default=1)
parser.add_argument("name")
args = parser.parse_args()
print(f"Hello {args.name} x{args.count}")
""")
result = check(f"python {script}")
assert is_approved(result), "argparse script should be approved"

def test_safe_script_getopt_approved(self, check, tmp_path):
"""Script using getopt should be approved (pure argv parsing)."""
script = tmp_path / "getopt_script.py"
script.write_text("""
import getopt

opts, args = getopt.getopt(["--name", "Alice"], "", ["name="])
for opt, val in opts:
print(opt, val)
""")
result = check(f"python {script}")
assert is_approved(result), "getopt script should be approved"

def test_dangerous_import_os_blocked(self, check, tmp_path):
"""Script importing os should be blocked."""
script = tmp_path / "dangerous_os.py"
Expand Down