42 <[EMAIL PROTECTED]> writes: > Googling for information on securing Python in a "sandbox" seems > indicate that there are some built in features, but they aren't really > trustworthy. Is that correct?
Yes. > For my purposes, I really just want to let users run in a sandbox, with > access to only the language, manipuate a few published objects in the > application (and perhaps give them some string and math libraries if > applicable). If they are malicious, this is asking for trouble. > I was wondering if it would be effective to pre-parse incoming scripts > and reject those containing "import"? I'd also have the application > inject the (short) list of trusted imports to the script before passing > it to the interpreter. No, that's not enough. > Would this sufficient? Are there any drawbacks or giant gaping holes? > I'm anticipating that I'd also need to block 'exec' and 'eval' to > prevent an import from being obfuscated past the pre-parse. > > Or is this a hopeless cause? Yes. It's even difficult with Java and Javascript, which were designed to have such security. -- http://mail.python.org/mailman/listinfo/python-list
