Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #30878
| Path | csiph.com!usenet.pasdenom.info!news.albasani.net!newsfeed.freenet.ag!news2.euro.net!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail |
|---|---|
| Return-Path | <maniandram01@gmail.com> |
| X-Original-To | python-list@python.org |
| Delivered-To | python-list@mail.python.org |
| X-Spam-Status | OK 0.000 |
| X-Spam-Evidence | '*H*': 1.00; '*S*': 0.00; 'wiki': 0.03; 'languages,': 0.04; '[0]': 0.07; 'objects,': 0.07; 'scripts': 0.09; 'python': 0.09; 'to:addr:comp.lang.python': 0.09; 'url:pypy': 0.09; 'variants': 0.09; 'cc:addr:python-list': 0.10; 'ironpython': 0.16; 'runtimes': 0.16; 'scripting.': 0.16; 'scripts.': 0.16; 'wrote:': 0.17; 'url:moin': 0.17; 'all,': 0.21; 'java': 0.21; 'help.': 0.22; 'cc:2**0': 0.23; 'cc:no real name:2**0': 0.24; 'script': 0.24; 'cc:addr:python.org': 0.25; 'header:In-Reply-To:1': 0.25; 'header :User-Agent:1': 0.26; 'url:wiki': 0.26; '(see': 0.27; '[1]': 0.27; 'environment.': 0.27; 'question': 0.27; '(as': 0.27; 'authors': 0.27; 'environment': 0.29; 'restricted': 0.29; '"the': 0.29; 'classes': 0.30; 'url:python': 0.32; 'file': 0.32; 'received:google.com': 0.34; 'thanks': 0.34; 'received:209.85': 0.35; 'url:org': 0.36; 'modules': 0.36; 'execute': 0.37; 'october': 0.37; 'received:209': 0.37; 'received:209.85.216': 0.37; 'subject:: ': 0.38; 'url:en': 0.38; 'page': 0.38; 'several': 0.39; 'system.': 0.39; 'your': 0.60; 'execution,': 0.91; 'url:sandbox': 0.95 |
| Newsgroups | comp.lang.python |
| Date | Sat, 6 Oct 2012 02:11:54 -0700 (PDT) |
| In-Reply-To | <mailman.1876.1349476204.27098.python-list@python.org> |
| Complaints-To | groups-abuse@google.com |
| Injection-Info | glegroupsg2000goo.googlegroups.com; posting-host=122.167.240.170; posting-account=uPFZNQoAAAAm9w7z13q1SjWNKNjztdcD |
| References | <mailman.1876.1349476204.27098.python-list@python.org> |
| User-Agent | G2/1.0 |
| X-Google-Web-Client | true |
| X-Google-IP | 122.167.240.170 |
| MIME-Version | 1.0 |
| Subject | Re: Executing untrusted scripts in a sandboxed environment |
| From | Ramchandra Apte <maniandram01@gmail.com> |
| To | comp.lang.python@googlegroups.com |
| Content-Type | text/plain; charset=ISO-8859-1 |
| Content-Transfer-Encoding | quoted-printable |
| Cc | python-list@python.org |
| X-BeenThere | python-list@python.org |
| X-Mailman-Version | 2.1.15 |
| Precedence | list |
| List-Id | General discussion list for the Python programming language <python-list.python.org> |
| List-Unsubscribe | <http://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe> |
| List-Archive | <http://mail.python.org/pipermail/python-list/> |
| List-Post | <mailto:python-list@python.org> |
| List-Help | <mailto:python-list-request@python.org?subject=help> |
| List-Subscribe | <http://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe> |
| Message-ID | <mailman.1896.1349514717.27098.python-list@python.org> (permalink) |
| Lines | 28 |
| NNTP-Posting-Host | 2001:888:2000:d::a6 |
| X-Trace | 1349514717 news.xs4all.nl 6985 [2001:888:2000:d::a6]:37238 |
| X-Complaints-To | abuse@xs4all.nl |
| Xref | csiph.com comp.lang.python:30878 |
Show key headers only | View raw
On Saturday, 6 October 2012 04:00:08 UTC+5:30, Robin Krahl wrote: > Hi all, > > I need to execute untrusted scripts in my Python application. To avoid security issues, I want to use a sandboxed environment. This means that the script authors have no access to the file system. They may only access objects, modules and classes that are "flagged" or "approved" for scripting. > > I read that I will not be able to do this with Python scripts. (See SandboxedPython page in the Python wiki [0] and several SE.com questions, e. g. [1].) So my question is: What is the best way to "embed" a script engine in a sandboxed environment that has access to the Python modules and classes that I provide? > > Thanks for your help. > > Best regards, > Robin > > [0] http://wiki.python.org/moin/SandboxedPython > [1] http://stackoverflow.com/questions/3068139/how-can-i-sandbox-python-in-pure-python >From http://wiki.python.org/moin/SandboxedPython "The Java and CLR/.NET runtimes support restricted execution, and these can be utilised through the Jython and IronPython variants of Python (as well as by other languages, obviously)." You can also check out http://doc.pypy.org/en/latest/sandbox.html for PyPy's sandbox
Back to comp.lang.python | Previous | Next — Previous in thread | Find similar | Unroll thread
Executing untrusted scripts in a sandboxed environment Robin Krahl <me@robin-krahl.de> - 2012-10-06 00:22 +0200 Re: Executing untrusted scripts in a sandboxed environment Ramchandra Apte <maniandram01@gmail.com> - 2012-10-06 02:11 -0700 Re: Executing untrusted scripts in a sandboxed environment Ramchandra Apte <maniandram01@gmail.com> - 2012-10-06 02:11 -0700
csiph-web