Unless you remove all the things labelled "keep away from children". I wrote this sandbox to allow Python to be used as a "mods"/"add-ons" language for a game I'm writing, hence the perhaps too strict nature.

About the crashers: as this is for games, it's "fine" for the game to crash, as long as the sandbox is not broken while crashing.

time and math can probably be allowed, but random imports a lot of undesirable modules.

My sandbox doesn't use proxies, due to the introspection and complexity that it involves. Instead it completely isolates the sandboxed globals, and checks all arguments and globals for irregularities before passing control to non-sandboxed functions.


On 13 August 2014 14:11, Isaac Morland <ijmorlan@uwaterloo.ca> wrote:
On Mon, 11 Aug 2014, Skip Montanaro wrote:

On Mon, Aug 11, 2014 at 12:42 PM, matsjoyce <matsjoyce@gmail.com> wrote:
There may be some holes in my approach, but I can't find them.

There's the rub. Given time, I suspect someone will discover a hole or two.

Schneier's Law:

        Any person can invent a security system so clever that she or he can't
        think of how to break it.

While I would not claim a Python sandbox is utterly impossible, I'm suspicious that the whole "consenting adults" approach in Python is incompatible with a sandbox.  The whole idea of a sandbox is to absolutely prevent people from doing things even if they really want to and know what they are doing.

Isaac Morland                   CSCF Web Guru
DC 2554C, x36650                WWW Software Specialist
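
The argument check described at the top of this thread ("checks all arguments and globals for irregularities before passing control to non-sandboxed functions") could look like the sketch below. This is an added example, not code from the thread or from the sandbox being discussed; the names `check_plain`, `is_plain`, `guarded`, `IrregularArgument` and the whitelist of types are assumptions made for illustration.

```python
# Added illustration: validate values crossing from sandboxed code into a
# host (non-sandboxed) function. All names and limits are hypothetical.
SCALARS = (int, float, bool, str, bytes, type(None))
MAX_DEPTH = 8  # assumed limit; also stops self-referencing containers


class IrregularArgument(TypeError):
    """Raised when a value is not built only from whitelisted exact types."""


def check_plain(value, depth=0):
    if depth > MAX_DEPTH:
        raise IrregularArgument("nesting too deep or cyclic")
    # type() reports the real type; __class__ can be spoofed and
    # isinstance() would accept subclasses with overridden methods.
    kind = type(value)
    # Compare with `is`, never `==` or `in`: a metaclass can define __eq__
    # so that an untrusted class compares equal to int.
    if any(kind is allowed for allowed in SCALARS):
        return
    if kind is list or kind is tuple:
        for item in value:
            check_plain(item, depth + 1)
        return
    if kind is dict:
        for key, item in value.items():
            check_plain(key, depth + 1)
            check_plain(item, depth + 1)
        return
    raise IrregularArgument("disallowed type: " + kind.__name__)


def is_plain(value):
    try:
        check_plain(value)
    except IrregularArgument:
        return False
    return True


def guarded(host_func):
    """Wrap a host function so every call from the sandbox is checked first."""
    def wrapper(*args, **kwargs):
        check_plain(args)    # args is always an exact tuple
        check_plain(kwargs)  # kwargs is always an exact dict
        return host_func(*args, **kwargs)
    return wrapper
```

The check only covers what is passed at call time; a host function that keeps a reference to a mutable list or dict and reads it again later would need to copy it first.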