Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #30888 > unrolled thread
| Started by | Rodrick Brown <rodrick.brown@gmail.com> |
|---|---|
| First post | 2012-10-06 09:25 -0400 |
| Last post | 2012-10-06 09:25 -0400 |
| Articles | 1 — 1 participant |
Back to article view | Back to comp.lang.python
This discussion starts older than the indexed window; earlier articles aren't shown. The article labeled Started by
below is the oldest one visible, not the original post.
Re: Executing untrusted scripts in a sandboxed environment Rodrick Brown <rodrick.brown@gmail.com> - 2012-10-06 09:25 -0400
| From | Rodrick Brown <rodrick.brown@gmail.com> |
|---|---|
| Date | 2012-10-06 09:25 -0400 |
| Subject | Re: Executing untrusted scripts in a sandboxed environment |
| Message-ID | <mailman.1901.1349529925.27098.python-list@python.org> |
On Oct 5, 2012, at 6:32 PM, Robin Krahl <me@robin-krahl.de> wrote: > Hi all, > > I need to execute untrusted scripts in my Python application. To avoid security issues, I want to use a sandboxed environment. This means that the script authors have no access to the file system. They may only access objects, modules and classes that are "flagged" or "approved" for scripting. > > I read that I will not be able to do this with Python scripts. (See SandboxedPython page in the Python wiki [0] and several SE.com questions, e. g. [1].) So my question is: What is the best way to "embed" a script engine in a sandboxed environment that has access to the Python modules and classes that I provide? Checkout udacity.com I think there is a writeup on stackoverflow on how they accomplished their sandbox runtime env. > > Thanks for your help. > > Best regards, > Robin > > [0] http://wiki.python.org/moin/SandboxedPython > [1] http://stackoverflow.com/questions/3068139/how-can-i-sandbox-python-in-pure-python > -- > http://mail.python.org/mailman/listinfo/python-list
Back to top | Article view | comp.lang.python
csiph-web