On Mon, 20 Jan 2020 06:43:41 +1100 Chris Angelico <ros...@gmail.com> wrote:
> On Mon, Jan 20, 2020 at 4:43 AM <mus...@posteo.org> wrote: > > It works, but is it safe? > > As such? No. That's what many people have said, and I believe them. But just from a point of technical understanding: If I start with empty global and local dicts, and an empty __builtins__, and I screen the input string so it can't contain the string "import", is it still possible to have "targeted" malicious attacks? Of course by gobbling up memory any script can try and crash the Python interpteter or the whole machine wreaking all sorts of havoc, but by "targeted" I mean accessing the file system or the operating system in a deterministic way. My own Intranet application needs to guard against accidents, not intentionally malicious attacks. > However, there are some elegant hybrid options, where you > can make use of the Python parser to do some of your work, and then > look at the abstract syntax tree. Sounds interesting. All I need is a few lines of arithmetic and variable assignments. Blocking ':' from the input should add some safety, too. > Research the "ast" module for some ideas on what you can do. Will do. -- https://mail.python.org/mailman/listinfo/python-list
