Subject: Re: use of exec()
From: Chris Angelico
To: python-list@python.org
Date: Fri, 19 Oct 2012 02:16:46 +1100
Newsgroups: comp.lang.python

On Fri, Oct 19, 2012 at 2:00 AM, lars van gemerden wrote:
> I get your point, since in this case having the custom code option makes the system a whole lot less complex and flexible, I will leave the option in. The future customer will be informed that they should handle the security around the designers as if they were programmers. Additionally I will probably add some screening for unwanted keywords (like 'import') and securely log any new/changed custom code including the designer account (must do that for other actions anyway).

That sounds like a reasonable implementation of Layer Eight security. As long as everyone understands that this code can do ANYTHING, you'll be fine. You may want to add some other programmatic checks, though; for instance, a watchdog timer in case the code gets stuck in an infinite loop, or a memory usage limit, or somesuch. Since you're no longer worrying about security, this sort of thing will be fairly easy, and will be just to help catch common errors.

ChrisA
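The checks discussed above (a watchdog for infinite loops, a memory cap, the keyword screen, and an audit record of who saved which code), as an added example that is not code from this thread or from either poster's system. It assumes a POSIX host: the designer code is run by a fresh Python interpreter started with subprocess, resource.setrlimit caps its CPU time and address space, and subprocess's own timeout is the wall-clock watchdog. All function and parameter names are mine, and the sample snippets are constructed. As Chris says, this catches mistakes, not attackers: the child still runs with the application's full privileges, and the keyword screen is a lint that anyone able to write the code can spell around.

```python
import hashlib
import json
import re
import resource
import subprocess
import sys
import time

# Program run by the child interpreter (assumed design, not the thread's):
# read the designer code from stdin, exec it, report the outcome as JSON.
# A MemoryError here means the RLIMIT_AS cap set by the parent was hit.
CHILD_RUNNER = r"""
import json, sys
code = sys.stdin.read()
ns = {"result": None}
try:
    exec(code, ns)
    out = ["ok", ns.get("result")]
except MemoryError:
    out = ["memory_limit", None]
except Exception as exc:
    out = ["error", "%s: %s" % (type(exc).__name__, exc)]
sys.stdout.write(json.dumps(out))
"""


def run_custom_code(code, wall_seconds=2.0, cpu_seconds=1,
                    memory_bytes=512 * 1024 * 1024):
    """Exec `code` in a child interpreter under limits; returns (status, payload).

    status: "ok" (payload is the snippet's `result`), "error" (payload is the
    exception text), "memory_limit", "timeout" (wall clock: sleeps, blocking
    calls) or "killed" (CPU limit: payload is the signal number).
    """
    def apply_limits():  # runs in the child between fork and exec
        # Soft limit delivers SIGXCPU (fatal by default); the hard limit one
        # second later is the kernel's SIGKILL backstop.
        resource.setrlimit(resource.RLIMIT_CPU, (cpu_seconds, cpu_seconds + 1))
        resource.setrlimit(resource.RLIMIT_AS, (memory_bytes, memory_bytes))

    try:
        proc = subprocess.run(
            [sys.executable, "-I", "-c", CHILD_RUNNER],
            input=code, capture_output=True, text=True,
            timeout=wall_seconds, preexec_fn=apply_limits)
    except subprocess.TimeoutExpired:  # watchdog fired; run() killed the child
        return ("timeout", None)
    if proc.returncode < 0:  # terminated by a signal (SIGXCPU/SIGKILL)
        return ("killed", -proc.returncode)
    if not proc.stdout:  # e.g. the snippet raised SystemExit
        return ("error", "child exited with status %d" % proc.returncode)
    status, payload = json.loads(proc.stdout)
    return (status, payload)


def screen_keywords(code, banned=("import",)):
    """The keyword screen from the thread: whole-word matches of `banned`.
    A lint for accidents, not a security boundary."""
    pattern = re.compile(r"\b(" + "|".join(map(re.escape, banned)) + r")\b")
    return sorted(set(pattern.findall(code)))


def audit_entry(account, code, clock=time.time):
    """Who saved which code: the digest pins the exact text that was stored."""
    return {
        "ts": clock(),
        "account": account,
        "sha256": hashlib.sha256(code.encode("utf-8")).hexdigest(),
        "flagged": screen_keywords(code),
    }


def write_audit(path, account, code):
    """Append one JSON line to an append-only log file (path is an assumption)."""
    entry = audit_entry(account, code)
    with open(path, "a") as log:
        log.write(json.dumps(entry) + "\n")
    return entry


if __name__ == "__main__":
    # Constructed designer snippets: one good, one infinite loop, one
    # runaway allocation, one that blocks on the wall clock.
    for snippet in ("result = sum(range(10))",
                    "while True: pass",
                    "x = bytearray(4 * 1024 ** 3)",
                    "import time; time.sleep(30)"):
        print(repr(snippet), "->", run_custom_code(snippet))
```

The JSON hop means a snippet's `result` must be JSON-serialisable to come back; anything else is a design choice to make in the real system, as is what the log file is and who can read it.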