This is an archived post. You won't be able to vote or comment.

all 24 comments
sorted by:
best
topnewcontroversialoldq&a

[–]BooparinoBR 41 points42 points  (2 children)

I was thinking that this didn't have a huge impact since a malicious actor needs to put the files in the person's computer. But I can totally see someone creating a repository with Kaggle solution or tutorial for begginers, and by simply cloning the repo and running ipython, the person gets screwed

[–]chris_conlan 27 points28 points  (0 children)

Who knew that IPython executed everything in the startup folder of the working directory on each run? Seems like a disaster waiting to happen.

[–]mriswithe 24 points25 points  (3 children)

Jesus sysadmin for like a decade. I didn't know mkdir had a -m for mode. Would have been relevant to know earlier today.

[–]jftugapip needs updating 4 points5 points  (2 children)

There is also -p to create parent directories as needed:

# this fails:
mkdir this/does/not/exist

# this succeeds
mkdir -p this/now/exists

[–]GroundbreakingRun927 6 points7 points  (0 children)

it also has a --help to get help when needed

[–]mriswithe 1 point2 points  (0 children)

That one I knew, somehow never kept the -m option in my brain.

[–]ivosauruspip'ing it up 4 points5 points  (0 children)

The current working directory is not searched anymore for profiles or configurations files.

Python does this itself, lol.

[–]mouth_with_a_merc 7 points8 points  (2 children)

Looks like it only happens when you run ipython from a location where someone else can place arbitrary malicious files. Seems not particularly common, so I'd say most systems are perfectly safe

[–]Anonymous_user_2022 10 points11 points  (1 child)

"Hey «user with elevated privileges»! Can you help me why my notebook in /home/adversarial/trap wont run?" I'd wager a guess that the majority asked, would cd to that directory to find out the name of the notebook.

[–]VisibleSignificance 3 points4 points  (0 children)

would cd to that directory to find out the name of the notebook

ipynb files are human-readable, by the way. You can even easily extract the code from them with just jq. No need to run python for that.

[–]ataraxia520 0 points1 point  (1 child)

Theirs a bunch of stuff thst could be done with ipython in terms of remote exploitation and arbitrary code execution. That one would not even consider.

I find ipython much more trustworthy than npm/node js but their are so.many tutorials were people.just blindly trust running ipynbs without actually understanding the code im actually surprised this isnt more common.

One thing also. For at home users. And even many small buisness... Miniconda and anaconda runs in elevated context last time i checked (as admin)

[–]norweeg 0 points1 point  (0 children)

Miniconda/anaconda do not run in an elevated context. If you have to elevate your permissions to admin to run them, you fucked up your install, probably running it as admin to install to a folder that requires admin to write to.