Chris Angelico <ros...@gmail.com> writes: > users to supply scripts which will then run on our servers... > The environment is Python 3.3a0 embedded in C++, running on Linux.
This doesn't sound like a bright idea, given the well-known difficulty of sandboxing Python. Geordi <http://weegen.home.xs4all.nl/eelis/geordi/> has some interesting examples (C++) you might want to try translating to Python and running on your server. It uses ptrace to control the execution of potentially hostile code. I don't know if any exploits have been found or whether it's still active. Maybe you want to look at Lua. IMHO it's not a very nice language, but I've heard that it's easy to embed and sandbox. -- http://mail.python.org/mailman/listinfo/python-list
