Thanks a lot Alfonso for your quick and useful answer.

I agree with your concerns about security. It's a real issue.

On the other side, I'm taking into account some issues that help to 
mitigate the risks:

   - It will be a trusted and trained user of my company (non-IT person), 
   not the customer, with a specific role limiting the access to that 
   functionality.
   - Inside of a module there is a lower risk if somebody is messing around 
   because all of the critical objects like db, request, ... are not available 
   as happens in the controllers, unless explicitly passed as arguments, and 
   that is not gonna happen. I'm just using dictionaries to send variables, 
   receive results.

Until now, my greatest concern is about unintended user errors in the 
formulas, causing an exception. I thought about creating a file with a 
scaffolding module, letting the user download it, edit it and upload again. 
Then the uploaded code could be checked as you suggest, compiled to detect 
errors, etc. 
I'm considering that it will be safer/easier to have different user 
modules (actually files), for every different set of business rules, than 
one module with different functions.

I find the options you mentioned, like context managers and threads really 
interesting. Need to consider it carefully because I haven't dealt with them 
until now. And thanks a lot for the video reference. Most interesting.

Any other hints will be welcome.
Thank you and best regards.

On Wednesday, April 27, 2016, 12:07:38 (UTC+2), Alfonso Serra wrote:
>
> Allowing users to execute random code within the webapp environment is a 
> really bad idea. 
> A simple db.auth_user.truncate() within any of those user functions would 
> tear your whole app apart.
>
> One suggestion is the creation of some kind of engine or environment in 
> which to execute code safely. 
> In order to do that you can use the app to inspect the code for forbidden 
> commands or check whether the function returns a result or not.
>
> In python you can create context managers that could take care of that.
>
> You can also try to launch user defined code as independent threads. See 
> threading module.
>
> In a sense, those user functions are dynamic, so should be text that you 
> can store in the database or text files in a private folder. The 
> application could pull that data and use exec(random_code) within a safe 
> environment. There are some examples in David Beazley's video about 
> metaprogramming <https://www.youtube.com/watch?v=sPiWg5jSoZI>.
>
>
>

You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
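The upload check discussed in this thread (parse the uploaded text to catch errors, reject forbidden constructs, run it with only dictionaries going in and out), as an added example that is not code from either poster or from web2py. The names `rule`, `check_rules`, `run_rules` and the sample formulas are assumptions made for the example, which assumes Python 3.9 or later.

```python
import ast

# Constructed sample of an uploaded rules file; rule() and its keys are hypothetical.
GOOD = """
def rule(data):
    total = data['qty'] * data['price']
    if total > 1000:
        total = total * 0.9
    return {'total': round(total, 2)}
"""
BAD_SYNTAX = "def rule(data)\n    return {}"
BAD_IMPORT = "import os\ndef rule(data):\n    return {'cwd': os.getcwd()}"

# Allow-list: anything not named here (import, attribute access, loops, ...) is rejected.
ALLOWED_NODES = (
    ast.Module, ast.FunctionDef, ast.arguments, ast.arg, ast.Return, ast.Assign,
    ast.If, ast.Name, ast.Load, ast.Store, ast.Constant, ast.Dict, ast.Subscript,
    ast.Call, ast.BinOp, ast.Add, ast.Sub, ast.Mult, ast.Div, ast.UnaryOp, ast.USub,
    ast.Not, ast.BoolOp, ast.boolop, ast.Compare, ast.cmpop,
)
SAFE_CALLS = {"round": round, "min": min, "max": max, "abs": abs}

def check_rules(source):
    """Return a list of problems found in the uploaded text; empty means accepted."""
    try:
        tree = ast.parse(source)  # parsing alone catches typos before anything runs
    except SyntaxError as exc:
        return ["syntax error, line %s: %s" % (exc.lineno, exc.msg)]
    problems = []
    for node in ast.walk(tree):
        line = getattr(node, "lineno", "?")
        if not isinstance(node, ALLOWED_NODES):
            problems.append("line %s: %s is not allowed" % (line, type(node).__name__))
        elif isinstance(node, ast.Name) and node.id.startswith("_"):
            problems.append("line %s: name %r is not allowed" % (line, node.id))
        elif isinstance(node, ast.Call) and not (
                isinstance(node.func, ast.Name) and node.func.id in SAFE_CALLS):
            problems.append("line %s: only %s may be called" % (line, sorted(SAFE_CALLS)))
    return problems

def run_rules(source, data):
    """Check, then run rule(data) with dictionaries in and out and no app objects."""
    problems = check_rules(source)
    if problems:
        return {"ok": False, "errors": problems}
    env = {"__builtins__": dict(SAFE_CALLS)}  # no open, __import__ or app globals in scope
    try:
        exec(compile(source, "<user_rules>", "exec"), env)
        return {"ok": True, "result": env["rule"](dict(data))}
    except Exception as exc:  # a formula mistake becomes a message, not a crashed request
        return {"ok": False, "errors": ["%s: %s" % (type(exc).__name__, exc)]}
```

The allow-list narrows what a formula can express but does not bound CPU time or memory, so it complements the role restriction and separate execution discussed above.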