Mattia Adami a écrit : > Hi to all. > I'm intristing in write a plugin for browsers that can execute python > code. > I know the main problem is security. Many thread were opened about this > in the ng. > I would know if fork python rewriting some library could avoid > problems. I.e. one problem is the possibility to access files. If I > rewrite the open() function so that raises exception if the program try > to access a file out of a defined directory. > I'm sure not a security expert, so please be patient if my question is > stupid. > Thanks to all.
I'm not a security expert either, but you may want to have a look at the way Zope 2.x handles this kind of restrictions for TTW scripts. -- http://mail.python.org/mailman/listinfo/python-list
