Path: csiph.com!usenet.pasdenom.info!aioe.org!news.stack.nl!newsfeed.xs4all.nl!newsfeed5.news.xs4all.nl!xs4all!post.news.xs4all.nl!not-for-mail Return-Path: X-Original-To: python-list@python.org Delivered-To: python-list@mail.python.org X-Spam-Status: OK 0.009 X-Spam-Evidence: '*H*': 0.98; '*S*': 0.00; 'true,': 0.04; 'false,': 0.07; 'python': 0.09; 'builtins': 0.09; 'system?': 0.09; '(like': 0.15; 'sat,': 0.15; 'calculator': 0.16; 'from:addr:rosuav': 0.16; 'from:name:chris angelico': 0.16; 'oct': 0.16; 'wrote:': 0.17; 'instance,': 0.17; 'sort': 0.21; 'received:209.85.214.174': 0.21; 'feature': 0.24; 'script': 0.24; 'header:In-Reply-To:1': 0.25; 'am,': 0.27; 'message-id:@mail.gmail.com': 0.27; 'chris': 0.28; 'environment': 0.29; 'objects': 0.29; 'classes': 0.30; 'basic': 0.30; 'implement': 0.32; 'file': 0.32; 'could': 0.32; 'problem': 0.33; 'to:addr:python-list': 0.33; 'received:google.com': 0.34; 'pm,': 0.35; 'received:209.85': 0.35; 'something': 0.35; 'but': 0.36; 'modules': 0.36; 'too': 0.36; 'october': 0.37; 'being': 0.37; 'received:209': 0.37; 'far': 0.37; 'subject:: ': 0.38; 'files': 0.38; 'some': 0.38; 'to:addr:python.org': 0.39; 'received:209.85.214': 0.39; 'header:Received:5': 0.40; 'most': 0.61; 'making': 0.64; 'useful.': 0.65; 'etc),': 0.84; 'hardly': 0.84 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=4nne4PoRX+3idWwZxWoYnPNNoykiji6eB+ioh/mv6E8=; b=zFDrlFLgI21CeFm1KYYxKvJKPyHWiiV3nCq8p5UVmYu56W0vjGWfTHEQ5CoCr6kCN3 DHNao8DfQunlW9tZPBf+H4G3gfOJowOXSjpNtD79NGsTVRzSBLfVvHCUvxcu46wRVP65 tnUA2iPB7ifr3ikPMx9aVLNQlFg+/ZB9vX9JWDkW5OskVTrEMKpnlPokL+tXuoLxGqkU tiUW+Lzrd+LqL3qokYpTCIfNdOIapB/Gau5syT5ilVg6H/TqM7VVCSdihsPUFuCcVg1/ 7QcvIqg+yTi5jJ94RxOgwUXtaPSglbRZ47FIWYx7FohJbsX/ga1W/M2LIabyfYjgz9dV HwVA== MIME-Version: 1.0 In-Reply-To: <3585c6f6-4152-4163-873b-396a0f73ba3b@googlegroups.com> References: <4hrls608xbax633ej6s1n54j.1349475464556@email.android.com> <3585c6f6-4152-4163-873b-396a0f73ba3b@googlegroups.com> Date: Sat, 6 Oct 2012 19:23:16 +1000 Subject: Re: Executing untrusted scripts in a sandboxed environment From: Chris Angelico To: python-list@python.org Content-Type: text/plain; charset=ISO-8859-1 X-BeenThere: python-list@python.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: General discussion list for the Python programming language List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Newsgroups: comp.lang.python Message-ID: Lines: 20 NNTP-Posting-Host: 2001:888:2000:d::a6 X-Trace: 1349515398 news.xs4all.nl 6954 [2001:888:2000:d::a6]:45396 X-Complaints-To: abuse@xs4all.nl Xref: csiph.com comp.lang.python:30879 On Sat, Oct 6, 2012 at 7:10 PM, Ramchandra Apte wrote: > On Saturday, 6 October 2012 12:49:29 UTC+5:30, Chris Angelico wrote: >> On Sat, Oct 6, 2012 at 8:22 AM, Robin Krahl wrote: >> > What is the best way to "embed" a script engine in a sandboxed environment that has access to the Python modules and classes that I provide? >> >> With extreme difficulty. > > Something like ast.literal_eval may be useful. Not really; it's hardly sufficient. That sort of feature is handy for making an expression evaluator; for instance, you could implement a powerful calculator with it. But it's far too limited for most applications. The main problem is permitting some of the basic builtins (like True, False, len(), etc), without those objects being used as gateways. Did you know, for instance, that len.__self__.open() can be used to read and write files on the file system? ChrisA