Running insecure python code
Mark 'Kamikaze' Hughes
kamikaze at kuoi.asui.uidaho.edu
Thu Mar 4 16:04:25 EST 2004
Bob Ippolito <bob at redivi.com>
wrote on Fri, 27 Feb 2004 18:57:55 -0500:
> You can try looking into PyPy or something. In practice, an
> interpreter written in Python is probably going to be far too slow to
> be used for any sort of modern game.
You could translate your more limited scripting language into Python,
and then eval it. This should be reasonably fast, and if you're careful
not to pass unescaped strings from the player through to Python, it
should be secure.
For maximum fun, the limited scripting language should be a subset of
Python.
--
<a href="http://kuoi.asui.uidaho.edu/~kamikaze/"> Mark Hughes </a>
"Doing the impossible makes us mighty." -Captain Malcolm Reynolds, Firefly
More information about the Python-list
mailing list