[8.0] Prevent unpickling of globals which are not jobs #170

Merged: 2 commits from guewen/8.0-unpickle-restrict into OCA:8.0 on Feb 28, 2016
guewen (Member) commented Feb 22, 2016

This is a safeguard to prevent someone from writing arbitrary code in jobs.
Builtin types and datetime/timedelta are allowed in job arguments, and a
new function 'whitelist_unpickle_global' allows registering new objects
if needed.

I will do a proper release with a new addon version and an updated changelog in
a PR after this one is merged.

This change may bring backward incompatibility issues, specifically errors if you pickle a type/function which is not allowed by the custom unpickler. If this happens to you, you'd want to add in your addon module:

```python
from openerp.addons.connector.queue.job import whitelist_unpickle_global

whitelist_unpickle_global(your_object_to_allow)
```

/cc @lmignon @sbidoul @gurneyalex @colinnewell
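The mechanism the PR describes, a custom unpickler that refuses any global not on an allow-list plus a registration hook, as an added example that is not the connector's own code (the PR's implementation is not shown on this page, and Odoo 8.0 runs on Python 2, whereas this is written against Python 3's `pickle.Unpickler.find_class`). The allow-list contents, the `RestrictedUnpickler`, `restricted_loads`, `Job` and `EVIL_PAYLOAD` names, and the body of `whitelist_unpickle_global` are assumptions for this example; only the function name comes from the PR. The malicious payload is constructed by hand for the demonstration.

```python
"""Restricted unpickling: resolve only allow-listed globals (example code)."""
import datetime
import io
import pickle

# (module, name) pairs the unpickler may resolve. Builtin containers and the
# datetime classes are serialised through a GLOBAL/STACK_GLOBAL opcode, so
# they must be listed even though they look harmless. This list is an
# assumption of the example, not the connector's real allow-list.
_ALLOWED_GLOBALS = {
    ("builtins", "set"),
    ("builtins", "frozenset"),
    ("builtins", "bytearray"),
    ("datetime", "datetime"),
    ("datetime", "date"),
    ("datetime", "time"),
    ("datetime", "timedelta"),
}


def whitelist_unpickle_global(obj):
    """Register a class or function so the restricted unpickler may load it.

    Usable as a decorator. Register only callables that are safe to invoke
    with attacker-chosen arguments: the REDUCE opcode calls whatever global
    it resolved, so getattr, eval or subprocess.* must never end up here.
    """
    _ALLOWED_GLOBALS.add((obj.__module__, obj.__qualname__))
    return obj


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that rejects every global outside _ALLOWED_GLOBALS."""

    def find_class(self, module, name):
        # Called when a GLOBAL/STACK_GLOBAL opcode is decoded, i.e. before
        # the referenced callable can be invoked by a later REDUCE/NEWOBJ.
        if (module, name) not in _ALLOWED_GLOBALS:
            raise pickle.UnpicklingError(
                "global %s.%s is not allowed in job arguments" % (module, name)
            )
        return super().find_class(module, name)


def restricted_loads(data):
    """Drop-in replacement for pickle.loads() for job payloads."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


@whitelist_unpickle_global
class Job:
    """A stand-in for a queued job record (assumed shape for the example)."""

    def __init__(self, func_name, args, eta=None):
        self.func_name = func_name
        self.args = args
        self.eta = eta


# Constructed protocol-0 payload, equivalent to what __reduce__ returning
# (os.system, ("echo pwned",)) serialises to: GLOBAL os.system, a 1-tuple
# argument, then REDUCE. pickle.loads() would run the shell command.
EVIL_PAYLOAD = b"cos\nsystem\n(S'echo pwned'\ntR."


def demo_roundtrip():
    """Legitimate job with builtin and datetime arguments survives a round trip."""
    job = Job(
        "sale.order.confirm",
        (42, {"force": True}, frozenset({"a", "b"})),
        eta=datetime.timedelta(hours=1),
    )
    return restricted_loads(pickle.dumps(job))


def demo_blocked():
    """Return True if the restricted unpickler rejects the os.system payload."""
    try:
        restricted_loads(EVIL_PAYLOAD)
    except pickle.UnpicklingError:
        return True
    return False


if __name__ == "__main__":
    loaded = demo_roundtrip()
    print("round trip ok:", loaded.func_name, loaded.args, loaded.eta)
    print("malicious payload rejected:", demo_blocked())
```

Two caveats for anyone copying the pattern: the check is only as strong as the weakest entry on the list, because any allow-listed callable will be invoked with arguments the attacker chose (a `datetime.datetime` constructor fed garbage raises, `builtins.getattr` would not); and restricting globals does nothing against resource-exhaustion payloads, so size-limit the pickled blob before loading it.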

guewen added some commits Feb 8, 2016

Prevent unpickling of globals which are not jobs
This is a safeguard to prevent someone from writing arbitrary code in jobs.
Builtin types and datetime/timedelta are allowed in job arguments, and a
new function 'whitelist_unpickle_global' allows registering new objects
if needed.
lmignon (Contributor) commented Feb 24, 2016

Thank you @guewen. This fix LGTM, but I'm not an expert in security. 👍 (Code review)

@colinnewell

👍

@PeterAlabaster

👍

lmignon (Contributor) commented Feb 26, 2016

@guewen I don't know why runbot kills the process... IMO it's safe to merge this PR, but I prefer to have another opinion...

lmignon added a commit that referenced this pull request Feb 28, 2016

Merge pull request #170 from guewen/8.0-unpickle-restrict
[8.0] Prevent unpickling of globals which are not jobs

@lmignon lmignon merged commit 54b95b0 into OCA:8.0 Feb 28, 2016

2 checks passed

ci/runbot: runbot build 3142612-170-b4302f (runtime 61s)
continuous-integration/travis-ci/pr: The Travis CI build passed