On Tue, Feb 24, 2009 at 6:46 AM, Andrew Dalke <dalke@dalkescientific.com> wrote:
On Tue, Feb 24, 2009 at 3:05 PM, tav <tav@espians.com> wrote:
And instead of trying to make tb_frame go away, I'd like to add the following to my proposed patch of RESTRICTED attributes:
* f_code * f_builtins * f_globals * f_locals
That seems to do the trick...
A goal is to use this in App Engine, yes? Which uses cgitb to report errors? Which needs these restricted frame attributes to report the values of variables when the error occurred?
The goal is not to run the entire app in the sandbox. The goal (Tav's goal I should say -- I don't have this need myself :-) is for an app to be able to safely run snippets of Python uploaded by users of the app. I think it's fine if those snippets can't format beautiful tracebacks -- the app's own ability to do so is not affected. -- --Guido van Rossum (home page: http://www.python.org/~guido/)