Hello, I'm exploring the idea of having my students submit their programming assignments through a Web dropboxand having those assignments automatically marked by a script that runs the submitted program with pre-arranged test data, catching any boo-boos with exceptions. Here's the problem: this plan violates the secure programming principle that you should never treat data as code and I might be leaving myself open for some serious malware. Does anyone have any experience with restricting the privileges of a running Python program? As a first pass, I would: * run Python in a chroot(2) jail * load the jail with only the bare minimum to run Python and remove networking and os modules (at least). * scan the submitted programs for usage of sys.path. Any other suggestions? Thanks --Louis -- Louis Bertrand <louis.bertrand@durhamc.on.ca> School of Technology, Durham College Oshawa, ON, Canada +1.905.721.3111 x2468