Skip to main content

Python: Wrapping Methods Via a Backdoor

Often, when you write a server in Python, you include a backdoor. The backdoor is something that you can telnet to from localhost, and it's basically a Python shell. Within the Python shell, you can snoop around the running program. It's cool. Now, suppose you want to insert some code to debug a problem. Suppose you want to intercept all method calls to a certain class. (If you're a hardcore Python hacker, feel free to stop reading, but many other people will find this interesting.)

>>> class C:
... """This is some pre-existing class within the running application."""
... def f(self, num): print "I got called with:", num
>>> def wrap(f):
... """This is a function decorator. inner below is the wrapper itself."""
... def inner(*args, **kargs):
... print "I'm about to call %s with %s %s." % ... (f.__name__, `args[1:]`, `kargs`)
... return f(*args, **kargs)
... return inner
>>> # Wrap every method in C.
... for name in dir(C):
... attr = getattr(C, name)
... if callable(attr):
... setattr(C, name, wrap(attr))
>>> # Now, when you call C.f, the method is wrapped.
... C().f(5)
I'm about to call f with (5,) {}.
I got called with: 5


Ian Bicking said…
Perhaps an interesting way to make a backdoor is something like the console example I have in Paste.

Though if you wanted to watch all print statements, you might want something more chat-like, where the web app pings the server every second or two and shows any newly printed content. Though if you don't do that (and you were using WSGI) you could use something like paste.printdebug, which displays all prints in the webpage itself (assuming this is an in-development app): -- other logging-style collectors would also be neat.

Lastly, the magic_set decorator in is, I think, an interesting way to inject functionality (it should look for a next_method argument, though, which would make it easier to use for this kind of thing).
jjinux said…
Your mention of magic set is about how to add a method to a class, right? Yeah, I've faced that problem as well.

I talked about the solution I had for that problem at our Python users' group (basically, I curried the function, manually creating a bound method), but our two Python users' groups are so far away from each other. That is really too bad because we were specifically interested in a talk on SQLObject and other related projects! The funny thing is, that thread happened on our mailing list the same day you announced the next meeting of the Chicago Python users' group!

Yeah, using AJAX for the backdoor is cool, although, since you are enforcing the localhost rule (as am I), it's easier to telnet from localhost than to have a Web browser or HTTP tunnel on localhost. Nonetheless, it's a good technique.

Popular posts from this blog

Drawing Sierpinski's Triangle in Minecraft Using Python

In his keynote at PyCon, Eben Upton, the Executive Director of the Rasberry Pi Foundation, mentioned that not only has Minecraft been ported to the Rasberry Pi, but you can even control it with Python. Since four of my kids are avid Minecraft fans, I figured this might be a good time to teach them to program using Python. So I started yesterday with the goal of programming something cool for Minecraft and then showing it off at the San Francisco Python Meetup in the evening.

The first problem that I faced was that I didn't have a Rasberry Pi. You can't hack Minecraft by just installing the Minecraft client. Speaking of which, I didn't have the Minecraft client installed either ;) My kids always play it on their Nexus 7s. I found an open source Minecraft server called Bukkit that "provides the means to extend the popular Minecraft multiplayer server." Then I found a plugin called RaspberryJuice that implements a subset of the Minecraft Pi modding API for Bukkit s…

Apple: iPad and Emacs

Someone asked my boss's buddy Art Medlar if he was going to buy an iPad. He said, "I figure as soon as it runs Emacs, that will be the sign to buy." I think he was just trying to be funny, but his statement is actually fairly profound.

It's well known that submitting iPhone and iPad applications for sale on Apple's store is a huge pain--even if they're free and open source. Apple is acting as a gatekeeper for what is and isn't allowed on your device. I heard that Apple would never allow a scripting language to be installed on your iPad because it would allow end users to run code that they hadn't verified. (I don't have a reference for this, but if you do, please post it below.) Emacs is mostly written in Emacs Lisp. Per Apple's policy, I don't think it'll ever be possible to run Emacs on the iPad.

Emacs was written by Richard Stallman, and it practically defines the Free Software movement (in a manner of speaking at least). Stal…

JavaScript: Porting from react-css-modules to babel-plugin-react-css-modules (with Less)

I recently found a bug in react-css-modules that prevented me from upgrading react-mobx which prevented us from upgrading to React 16. Then, I found out that react-css-modules is "no longer actively maintained". Hence, whether I wanted to or not, I was kind of forced into moving from react-css-modules to babel-plugin-react-css-modules. Doing the port is mostly straightforward. Once I switched libraries, the rest of the port was basically:
Get ESLint to pass now that react-css-modules is no longer available.Get babel-plugin-react-css-modules working with Less.Get my Karma tests to at least build.Get the Karma tests to pass.Test things thoroughly.Fight off merge conflicts from the rest of engineering every 10 minutes ;) There were a few things that resulted in difficult code changes. That's what the rest of this blog post is about. I don't think you can fix all of these things ahead of time. Just read through them and keep them in mind as you follow the approach above.…