On Fri, May 29, 2015 at 4:41 AM, Stefan Behnel <stefan...@behnel.de> wrote:
> davidf...@gmail.com wrote on 26.05.2015 at 04:24:
>> Has anyone on this list attempted to sandbox Python programs in a
>> serious fashion? I'd be interested to hear your approach.
>
> Not quite sandboxing Python, but I've seen people use my Lupa [1] library
> for this. They're writing all their code in Python, and then let users
> embed their own Lua code into it to script their API. The Lua runtime is
> apparently quite good at sandboxing, and it's really small, just some 600KB
> or so. Lupa then lets you easily control the access to your Python code at
> a whitelist level by intercepting all Python attribute lookups.
>
> It doesn't add much to your application to embed Lua (or even LuaJIT) in
> Python, and it gives users a nicely object-oriented language to call and
> orchestrate your Python objects.

Lua's a much weaker language than Python is, though. Can it handle
arbitrary-precision integers? Unicode? Dare I even ask,
arbitrary-precision rationals (fractions.Fraction)? Security comes at
a price, I guess.

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list
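
The attribute-lookup whitelist described in the quoted message, as an added example (not code from this thread or from the Lupa project). It passes a per-type allow-list to Lupa's `attribute_filter` hook; `Account`, `ALLOWED` and `run_user_script` are hypothetical names, and the third-party `lupa` package is assumed to be installed.

```python
# Added example: per-type allow-list enforced through Lupa's attribute_filter hook.
# Account, ALLOWED and run_user_script are hypothetical names for this sketch.

class Account:
    """Constructed host object exposed to user-supplied Lua."""
    def __init__(self, balance):
        self.balance = balance
        self._audit_log = []          # internal state scripts must not reach

    def deposit(self, amount):
        self._audit_log.append(("deposit", amount))
        self.balance += amount
        return self.balance

# Exact type -> attribute names Lua may read. Anything absent is denied.
ALLOWED = {Account: frozenset({"balance", "deposit"})}

def whitelist_filter(obj, attr_name, is_setting):
    """Called by Lupa for every Lua -> Python attribute access."""
    allowed = ALLOWED.get(type(obj), frozenset())
    if is_setting:                         # scripts get read/call access only
        raise AttributeError("write access denied")
    if not isinstance(attr_name, str) or attr_name not in allowed:
        raise AttributeError("access denied: %r" % (attr_name,))
    return attr_name                       # the name Lupa will actually look up

def run_user_script(lua_source, api_object):
    """Evaluate a Lua function expression and call it on api_object."""
    import lupa  # third-party; imported here so the filter is testable alone
    lua = lupa.LuaRuntime(
        register_eval=False,       # no python.eval() inside Lua
        register_builtins=False,   # no python.builtins inside Lua
        attribute_filter=whitelist_filter,
    )
    return lua.eval(lua_source)(api_object)

if __name__ == "__main__":
    acct = Account(100)
    print(run_user_script("function(a) a.deposit(25) return a.balance end", acct))
    for probe in ("function(a) return a._audit_log end",
                  "function(a) return a.__class__ end",
                  "function(a) a.balance = 0 end"):
        try:
            run_user_script(probe, acct)
        except AttributeError as exc:
            print("blocked:", exc)
```

The filter governs only Lua-to-Python attribute access. Lua's own standard libraries (`os`, `io`) are still loaded by the runtime and have to be restricted separately.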