[EMAIL PROTECTED] wrote: > I had a quick look at the python source code and fileobject.c is one of > the core classes which, I would imagine, is why a reference can be > obtained. The other classes (method, dictionaries etc) don't look so > much of a liability. I'll maybe try disabling the fopen calls in > fileobject and see if it breaks anything (I've no need to open/close > files using the standard libraries). > > Are there any other holes you can think of in the following scenario- > I disable all builtins except import which I protect in my 'Isolate' > class, I then only allow import to import a single module name.
You *really* ought to be checking the list archives for the *many* past discussions of this, and the many ways in which it is nowhere near as easy as you seem to think it might be, as well as for the variety of partially completed efforts -- some of which closely resemble your approach -- which have been abandoned after it was demonstrated how the could not work. On the other hand, after reading all that, you just might be the one to come up with the solution that combines just enough of each approach to solve the problem once and for all, and the community would be very grateful to you. But I doubt you'll solve this by asking Jp to review (and, inevitably, shoot down) each idea you come up with. Give him a break until you've read some of the archived material on this. :-) -Peter -- http://mail.python.org/mailman/listinfo/python-list
