Check out http://mail.python.org/pipermail/python-dev/2003-January/031851.html for a historical thread on rexec.py's vulnerabilities.
Right now, the answer for people who want restricted execution is usually "wait for pypy", due to the number of tricks that can subvert the rexec model. There are probably some one-off, application-specific things you can do that might meet your requirements, like special import hooks, sys.settrace() callbacks that inspect each running frame (and are slow), and namespace restrictions on stuff passed to exec or eval. If you really need sandboxing, you're probably out of luck. Setting up a usermode linux instance or chrooted jail is probably the best bet today.
/arg
On Jan 4, 2005, at 6:38 PM, Rolf Magnus wrote:
Hi,
I would like to embed a python interpreter within a program, but since that
program would be able to automatically download scripts from the internet,
I'd like to run those in a restricted environment, which basically means
that I want to allow only a specific set of modules to be used by the
scripts, so that it wouldn't be possible for them to remove files from the
hard drive, kill processes or do other nasty stuff.
Is there any way to do that with the standard python interpreter?
-- http://mail.python.org/mailman/listinfo/python-list
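An added example, not part of the thread, of two of the application-specific measures the reply mentions: an import hook with a module allow-list, combined with a restricted namespace passed to exec. It is written for Python 3; the allow-list contents and the names guarded_import, make_namespace and run_restricted are assumptions. As the reply says, tricks exist that subvert this model, so it only narrows what a script reaches by default and belongs inside a chroot jail or virtual machine, not in place of one.

```python
import builtins

# Assumed allow-list: the only top-level modules a downloaded script may import.
ALLOWED_MODULES = {"math", "string", "re"}

# Assumed set of builtins exposed to the script; open, eval, exec,
# getattr and the real __import__ are deliberately left out.
SAFE_BUILTIN_NAMES = (
    "abs", "bool", "dict", "enumerate", "float", "int", "len", "list",
    "max", "min", "print", "range", "str", "sum", "tuple", "zip",
)


def guarded_import(name, globals=None, locals=None, fromlist=(), level=0):
    """Import hook: refuse relative imports and anything off the allow-list."""
    if level != 0 or name.split(".")[0] not in ALLOWED_MODULES:
        raise ImportError(f"import of {name!r} is not permitted")
    return builtins.__import__(name, globals, locals, fromlist, level)


def make_namespace():
    """Build the globals dict handed to exec, with a cut-down __builtins__."""
    safe = {n: getattr(builtins, n) for n in SAFE_BUILTIN_NAMES}
    # 'import x' inside the script looks up __import__ in this dict.
    safe["__import__"] = guarded_import
    return {"__builtins__": safe, "__name__": "__restricted__"}


def run_restricted(source):
    """Execute script text in a fresh restricted namespace and return it."""
    ns = make_namespace()
    exec(compile(source, "<downloaded-script>", "exec"), ns)
    return ns


if __name__ == "__main__":
    # Constructed sample script standing in for downloaded code.
    sample = "import math\nresult = math.sqrt(16)\n"
    print(run_restricted(sample)["result"])
    for blocked in ("import os", "from subprocess import run", "open('/etc/passwd')"):
        try:
            run_restricted(blocked)
        except (ImportError, NameError) as exc:
            print(f"blocked: {blocked!r} -> {type(exc).__name__}: {exc}")
```

Modules on the allow-list still run with the interpreter's full builtins, so every module added to ALLOWED_MODULES has to be reviewed for what it exposes to the script.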