On Wed, 27 Nov 2013 11:40:52 -0800, magnus.ly...@gmail.com wrote: > What I'm really after, is to check that python expressions embedded in > text files are: - well behaved (no syntax errors etc) - don't > accidentally access anything it shouldn't - I serve them with the values > they need on execution
If you are trying to get safe execution of untrusted code in Python, you should read this recent thread from the Python core developers: https://mail.python.org/pipermail/python-dev/2013-November/130132.html Probably the only way to securely sandbox untrusted Python code is to use operating system level security (such as a chroot jail) or an implementation such as PyPy which has been designed from the beginning to be sandboxed -- and even that may simply mean that nobody has broken out of PyPy's sandbox *yet*. Looking back at your example: compile('sin(5) * cos(6)', '<string>', 'eval').co_names I'm not sure I understand why you inspect the co_names. What does that give you? You can tell that there are no syntax errors just by compiling it, if there are syntax errors it will raise SyntaxError. I would pre-process the string before compiling and disallow *anything* containing "eval", "exec", or underscore. I'd also apply a limit to the total length of the string. That doesn't necessarily rule out a hostile user running arbitrary code, but it does make it harder. Also, when you execute the compiled code, don't do this: eval(code) # No! Instead, provide an explicit globals and locals namespace: safe_ish_namespace = {'__builtins__': None} eval(code, safe_ish_namespace) Again, this increases the barrier to somebody hacking out of your sandbox without ruling it out altogether. Good luck! -- Steven -- https://mail.python.org/mailman/listinfo/python-list
