If this is a FAQ, please let me know where the answer is.
I have in some code an 'eval', which I hate, but it's the shortest
path to where I need to get at this point. I thought that one way I
could harden the enviroment against malicious code would be to
temporarily disable the import statement by overloading __import__,
but I tried what seemed obvious to me, and it didn't work.
What I want do do is something like this:
def __import__(*args, **kwargs):
raise ImportError, 'Not so fast, bucko!'
eval(potentially_dangerous_string)
del __import__ # To get the builtin behavior back.
Am I barking up the wrong tree with __import__?? Where should I look
for this answer?
Thanks.
--
Steve Juranich
Tucson, AZ
USA
--
http://mail.python.org/mailman/listinfo/python-list
