[Flask] Executing user input python code inside flask app context
Ares Ou
aresowj at gmail.com
Sun Aug 21 16:32:15 EDT 2016
I guess u should at least run you app with a limited user to avoid those
dangerous actions. Then try to filter out all undesired patterns.
On Aug 21, 2016 12:11, "Alex Alex" <alex-alex-90 at wp.pl> wrote:
> Hi,
>
>
>
> I'm working on flask based webapp that requires users to be able to eneter
> and execute python code (+ presenting exeuction output) within flask app
> context. As I'm new to flask (and I love it) I'd be greatful for any tips
> regarding implementing such functionality. As a side note: the security is
> not a concern so please don't responde with code snippets containg
> os.system('rm -rf /') as example of dangerus user input. I'm also not
> interested in running code inside pypy sandbox (at least not on
> this stage).
>
> Thank you in advance
> BR
> Alex
>
>
>
>
> _______________________________________________
> Flask mailing list
> Flask at python.org
> https://mail.python.org/mailman/listinfo/flask
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/flask/attachments/20160821/5fe2e396/attachment.html>
More information about the Flask
mailing list