Is it actually possible to build a "sandbox" around eval, permitting it only to do some arithmetic and use some math functions, but no filesystem acces or module imports?
I have an application that loads calculation recipes (a few lines of variable assignments and arithmetic) from a database. exec(string, globals, locals) with locals containing the input variables, and globals has a __builtin__ object with a few math functions. It works, but is it safe? -- https://mail.python.org/mailman/listinfo/python-list
