Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #30845
| Date | 2012-10-06 00:22 +0200 |
|---|---|
| Subject | Executing untrusted scripts in a sandboxed environment |
| From | Robin Krahl <me@robin-krahl.de> |
| Newsgroups | comp.lang.python |
| Message-ID | <mailman.1876.1349476204.27098.python-list@python.org> (permalink) |
Hi all,
I need to execute untrusted scripts in my Python application. To avoid security issues, I want to use a sandboxed environment. This means that the script authors have no access to the file system. They may only access objects, modules and classes that are "flagged" or "approved" for scripting.
I read that I will not be able to do this with Python scripts. (See SandboxedPython page in the Python wiki [0] and several SE.com questions, e. g. [1].) So my question is: What is the best way to "embed" a script engine in a sandboxed environment that has access to the Python modules and classes that I provide?
Thanks for your help.
Best regards,
Robin
[0] http://wiki.python.org/moin/SandboxedPython
[1] http://stackoverflow.com/questions/3068139/how-can-i-sandbox-python-in-pure-python
Back to comp.lang.python | Previous | Next — Next in thread | Find similar | Unroll thread
Executing untrusted scripts in a sandboxed environment Robin Krahl <me@robin-krahl.de> - 2012-10-06 00:22 +0200 Re: Executing untrusted scripts in a sandboxed environment Ramchandra Apte <maniandram01@gmail.com> - 2012-10-06 02:11 -0700 Re: Executing untrusted scripts in a sandboxed environment Ramchandra Apte <maniandram01@gmail.com> - 2012-10-06 02:11 -0700
csiph-web