"Johannes" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] >I am thinking of replacing Lua as internal script controller and I know >how to extend/embed python but is > there a way of limiting what functionality can be actually be accessible > to the user, f.e. I don't want the script to be able > to read/write files?
There have been various threads on script security (see Google). Summary: you can do various things to enhance security, such as replacing builtins (like file() and open()), but, especially with new-style classes and associated features, there is no known way to absolutely control access. Besides which, 'while True: pass', in all its guises, is also hard to stop. Terry J. Reedy -- http://mail.python.org/mailman/listinfo/python-list
