Greetings everybody, I've been reading and mulling about python and security, specifically in terms of executing code that may or may not be trustworthy. I understand that libraries such as Rexec and Bastion are now deprecated because they have known vulnerabilities that may be exploited to circumvent the restrictions imposed.
So, am I right in understanding that is not possible to execute a piece of code in a way that limits the objects and attributes that it can access or that limits its access to file system and sockets? Are there best practices to at least minimize some of the risks associated with untrusted code execution? And whatever happened to this: http://sayspy.blogspot.com/2007/05/i-have-finished-securing-python.html seemed to be a step forward in the right direction! Manu -- http://mail.python.org/mailman/listinfo/python-list
