Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #106572

Re: Untrusted code execution

Show all headers | View raw

On Tue, Apr 5, 2016, at 21:43, Steven D'Aprano wrote:
> As Zooko says, Guido's "best argument is that reducing usability (in
> terms
> of forbidding language features, especially module import) and reducing
> the
> usefulness of extant library code" would make the resulting interpreter
> too
> feeble to be useful.

You don't have to forbid module import. The sandbox could control what
modules can be loaded, and what happens when you try to load a module.

import sys
module = type(sys)
fm = {}

def fimp(name, *etc):
    # In a real implementation, this could also load whitelisted modules
    try:
        return fm[name]
    except KeyError:
        raise ImportError("Tried to load restricted module " + name)

fm['builtins'] = fb = module('builtins')
fb.int = int
fb.str = str
fb.len = len
fb.print = print
fb.__import__ = fimp
fm['sys'] = fsys = module('sys')
fsys.modules = fm

exec("""
import sys
print(sys.modules.keys())
""", {'__builtins__': fb})

Back to comp.lang.python | Previous | Next — Previous in thread | Next in thread | Find similar | Unroll thread

Thread

Untrusted code execution Jon Ribbens <jon+usenet@unequivocal.co.uk> - 2016-04-03 21:12 +0000
  Re: Untrusted code execution Jon Ribbens <jon+usenet@unequivocal.co.uk> - 2016-04-05 13:46 +0000
    Re: Untrusted code execution Rustom Mody <rustompmody@gmail.com> - 2016-04-05 07:17 -0700
      Re: Untrusted code execution Ian Kelly <ian.g.kelly@gmail.com> - 2016-04-05 08:50 -0600
      Re: Untrusted code execution Jon Ribbens <jon+usenet@unequivocal.co.uk> - 2016-04-05 17:26 +0000
        Re: Untrusted code execution Jon Ribbens <jon+usenet@unequivocal.co.uk> - 2016-04-05 18:50 +0000
          Re: Untrusted code execution Jon Ribbens <jon+usenet@unequivocal.co.uk> - 2016-04-05 19:14 +0000
        Re: Untrusted code execution Jon Ribbens <jon+usenet@unequivocal.co.uk> - 2016-04-05 19:13 +0000
        Re: Untrusted code execution Steven D'Aprano <steve@pearwood.info> - 2016-04-06 11:43 +1000
          Re: Untrusted code execution Random832 <random832@fastmail.com> - 2016-04-06 09:14 -0400
            Re: Untrusted code execution Steven D'Aprano <steve@pearwood.info> - 2016-04-07 11:45 +1000
              Re: Untrusted code execution Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2016-04-07 14:48 +1000
              Re: Untrusted code execution Jon Ribbens <jon+usenet@unequivocal.co.uk> - 2016-04-07 15:18 +0000
                Re: Untrusted code execution Steven D'Aprano <steve@pearwood.info> - 2016-04-08 15:28 +1000
          Re: Untrusted code execution Jon Ribbens <jon+usenet@unequivocal.co.uk> - 2016-04-07 12:13 +0000
            Re: Untrusted code execution Jon Ribbens <jon+usenet@unequivocal.co.uk> - 2016-04-07 14:25 +0000
              Re: Untrusted code execution Steven D'Aprano <steve@pearwood.info> - 2016-04-08 15:26 +1000
            Re: Untrusted code execution Jon Ribbens <jon+usenet@unequivocal.co.uk> - 2016-04-07 17:20 +0000
              Re: Untrusted code execution Jon Ribbens <jon+usenet@unequivocal.co.uk> - 2016-04-07 17:35 +0000
              Re: Untrusted code execution Jon Ribbens <jon+usenet@unequivocal.co.uk> - 2016-04-10 17:06 +0000
      Re: Untrusted code execution Jon Ribbens <jon+usenet@unequivocal.co.uk> - 2016-04-05 17:40 +0000
    Re: Untrusted code execution Paul Rubin <no.email@nospam.invalid> - 2016-04-05 13:39 -0700
      Re: Untrusted code execution Jon Ribbens <jon+usenet@unequivocal.co.uk> - 2016-04-05 21:13 +0000
        Re: Untrusted code execution Paul Rubin <no.email@nospam.invalid> - 2016-04-07 00:08 -0700
          Re: Untrusted code execution Lele Gaifax <lele@metapensiero.it> - 2016-04-08 10:10 +0200

csiph-web