# PYTHON-LANG-SEC-003: Dangerous code.InteractiveConsole Usage

> **Severity:** HIGH | **CWE:** CWE-95 | **OWASP:** A03:2021

- **Language:** Python
- **Category:** Python Core
- **URL:** https://codepathfinder.dev/registry/python/lang/PYTHON-LANG-SEC-003
- **Detection:** `pathfinder scan --ruleset python/PYTHON-LANG-SEC-003 --project .`

## Description

Python's code module provides the InteractiveConsole, InteractiveInterpreter, and interact()
classes and functions which implement a Python read-eval-print loop (REPL). These are intended
for debugging and development tooling; when exposed to or called with untrusted input in
production code, they grant the caller full Python code execution capability.

code.InteractiveConsole().interact() drops into a full Python REPL. code.compile_command()
partially compiles Python source and is used as a building block for interactive interpreters.
Any application that pipes untrusted network or user input into these components effectively
gives the attacker a remote Python shell on the server.

These functions are legitimate for local development tools, administrative debug consoles
that are properly authenticated, and embedded REPL features. They become dangerous when
exposed unauthenticated over a network or when the input source is not strictly controlled.


## Vulnerable Code

```python
import code
import importlib
import typing

# SEC-003: code.InteractiveConsole
console = code.InteractiveConsole()
code.interact()
```

## Secure Code

```python
# SECURE: Gate any interactive console behind strong authentication
# and restrict to localhost only in production
import code
import os

def start_admin_console(is_admin: bool, remote_addr: str):
    if not is_admin:
        raise PermissionError("Admin access required")
    if remote_addr not in ("127.0.0.1", "::1"):
        raise PermissionError("Console only available from localhost")
    # Further: wrap in audit logging, rate limiting, and session recording
    code.interact(local={"help": "Type Python expressions"})

# SECURE: Use a dedicated admin CLI with explicit commands instead of a REPL
import argparse

def admin_cli():
    parser = argparse.ArgumentParser()
    subparsers = parser.add_subparsers(dest="command")
    subparsers.add_parser("status")
    subparsers.add_parser("reload")
    args = parser.parse_args()
    # Handle each command explicitly without code execution

```

## Detection Rule (Python SDK)

```python
from rules.python_decorators import python_rule
from codepathfinder import calls, flows, QueryType
from codepathfinder.presets import PropagationPresets

class CodeModule(QueryType):
    fqns = ["code"]


@python_rule(
    id="PYTHON-LANG-SEC-003",
    name="Dangerous code.InteractiveConsole Usage",
    severity="HIGH",
    category="lang",
    cwe="CWE-95",
    tags="python,code-run,interactive-console,CWE-95",
    message="code.InteractiveConsole/interact detected. This enables arbitrary code execution.",
    owasp="A03:2021",
)
def detect_code_run():
    """Detects code.InteractiveConsole and code.interact usage."""
    return CodeModule.method("InteractiveConsole", "interact", "compile_command")
```

## How to Fix

- Never expose code.InteractiveConsole or code.interact() over an unauthenticated network endpoint.
- In production deployments, disable any debug console or REPL endpoint; ensure DEBUG=False in all production configuration.
- If an admin REPL is required, gate it behind strong multi-factor authentication, restrict to localhost or a VPN-only interface, and log all commands executed.
- Replace interactive consoles with purpose-built admin CLIs that accept an explicit allowlist of commands without arbitrary code execution.
- Use a process supervisor or container runtime that provides exec access only to authorized operations teams rather than exposing a Python REPL.

## Security Implications

- **Remote Python Shell:** An unauthenticated or improperly authenticated code.interact() endpoint gives the
attacker a full interactive Python interpreter with the privileges of the web server
process, equivalent to SSH access to the host.

- **Unrestricted File System Access:** Through the interactive console, an attacker can read, write, and delete any file
accessible to the process, including application secrets, SSL private keys, database
credentials, and user data.

- **Process and System Control:** The interactive console can spawn subprocesses, open network connections, modify
environment variables, send signals to other processes, and call any system call
available to Python, giving the attacker complete control of the host environment.

- **Debug Endpoint Exposure:** Development debug panels (such as Werkzeug's debug console) that use code module
internals are commonly left enabled in production deployments. This is a well-known
and frequently exploited attack vector in Python web applications.


## FAQ

**Q: Is code.InteractiveConsole dangerous in all contexts?**

No. When used in a local development tool, a properly authenticated and localhost-only
admin console, or an embedded REPL for trusted users, code.InteractiveConsole is
appropriate. It is dangerous when the input it processes can be influenced by untrusted
remote users or when it is exposed on a network interface without authentication.


**Q: Why does this rule flag code.compile_command() which just compiles code?**

code.compile_command() is the building block for interactive interpreters. Its presence
usually indicates that a partial REPL is being assembled. The flag prompts a review of
how the compiled code object is eventually executed, since the execution step may follow
without being obvious from the call site alone.


**Q: How does this relate to Werkzeug's debug console vulnerability?**

Werkzeug's interactive debugger uses code module internals to provide a REPL in browser-
based exception pages. When deployed with DEBUG=True in production, this console is
reachable by any user who can trigger an exception. This has been exploited in numerous
real-world attacks. This rule helps identify code paths that share this pattern.


**Q: What should I use instead for admin debugging in production?**

Use structured logging and distributed tracing for debugging production issues. For
administrative operations, expose a purpose-built CLI with explicit command verbs, proper
authentication, and audit logging. If live inspection of running processes is required,
use py-spy or similar profiling tools that do not expose code execution.


**Q: Can I suppress this finding for legitimate development tooling?**

Yes. If the code.InteractiveConsole usage is in a module that is only loaded in
development environments (e.g., guarded by an explicit DEVELOPMENT_MODE flag or only
present in a dev-specific Django management command), document the suppression with a
comment explaining the trust boundary and access control measures.


**Q: Does this rule detect indirect usage through wrapper libraries?**

The rule detects direct calls to the code module functions. If a wrapper library
re-exports these functions under a different name, the indirect call may not be detected.
Review dependencies that provide REPL or interactive shell functionality to ensure they
do not expose code module internals without proper access controls.


## References

- [Python docs: code module](https://docs.python.org/3/library/code.html)
- [CWE-95: Eval Injection](https://cwe.mitre.org/data/definitions/95.html)
- [OWASP Code Injection](https://owasp.org/www-community/attacks/Code_Injection)
- [OWASP Top 10 A03:2021 Injection](https://owasp.org/Top10/A03_2021-Injection/)
- [Werkzeug Debug Console RCE (CVE-2019-14322)](https://nvd.nist.gov/vuln/detail/CVE-2019-14322)

---

Source: https://codepathfinder.dev/registry/python/lang/PYTHON-LANG-SEC-003
Code Pathfinder — Open source, type-aware SAST with cross-file dataflow analysis