On Sun, Aug 15, 2010 at 12:06:35AM +0000, Steven D'Aprano wrote:
> Hmmm... is that meant just as an illustration of a general technique, or
> do you actually have something against the class of 0?

It's a short illustration; 0 .__class__ itself is harmless, but e.g.
0 .__class__.__base__.__subclasses__() isn't.

> > But note that this is not a real sandbox! As soon as you allow *any*
> > unsafe function (e.g. open, import, eval, getattr etc.), you can easily
> > break out.
>
> Isn't that true of any sandbox though? Surely by definition, if you allow
> an unsafe function in any sandbox, it's no longer an effective sandbox.

In my opinion, a "real" sandbox should allow the use of "unsafe" functions
(e.g. open(), import modules etc.) -- so you could run your normal code in
it. But it should prevent the "bad" effects of the code, e.g. by redirecting
I/O, limiting resources etc.

regards,
Roland
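
An added illustration of the two expressions quoted in this message (not code from the thread): with `__builtins__` emptied, the second expression still returns every direct subclass of `object`, while a static allow-list check rejects both. The function names and the "arithmetic only" policy are assumptions made for this sketch.

```python
import ast

# The two expressions quoted in the message above.
HARMLESS = "0 .__class__"
ESCAPING = "0 .__class__.__base__.__subclasses__()"

# Assumed policy for this sketch: numeric literals and arithmetic only.
_ALLOWED = (ast.Expression, ast.Constant, ast.BinOp, ast.UnaryOp,
            ast.operator, ast.unaryop)


def eval_without_builtins(expr):
    """Evaluate expr with an empty __builtins__, as naive sandboxes do."""
    return eval(expr, {"__builtins__": {}}, {})


def is_plain_arithmetic(expr):
    """Static allow-list check: reject attributes, names, calls, etc.

    This only limits what the expression can reach; it does not limit
    CPU or memory use (e.g. a huge exponent), which needs resource limits.
    """
    try:
        tree = ast.parse(expr, mode="eval")
    except SyntaxError:
        return False
    for node in ast.walk(tree):
        if not isinstance(node, _ALLOWED):
            return False
        # Constants may only be numbers, not strings, bytes or booleans.
        if isinstance(node, ast.Constant) and type(node.value) not in (int, float):
            return False
    return True


if __name__ == "__main__":
    print(eval_without_builtins(HARMLESS))
    classes = eval_without_builtins(ESCAPING)
    print(len(classes), "classes reachable with no builtins")
    for e in ("1 + 2 * 3", HARMLESS, ESCAPING):
        print(repr(e), is_plain_arithmetic(e))
```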