[IronPython] [IronPython 1.1] Scoping Advice(?)

[Leo Carbajal]

Greetings everyone,

I've found this list an invaluable resource just by browsing past
conversations, however I was hoping to get a little advice and direction
with a question that I haven't really seen covered. (lately) I'm trying to
integrate IronPython into a live gaming server, which means opening it up to
people beyond my immediate circle of retribution should they do something
unpleasant.

What I'm looking for is some advice as to how to tighten the scope of a
module so that only the exposed hooks of my API are available. What I mean
to say is, those API hooks are already visible, what bothers me is that I
can type a couple of import statements into a script and do things like
inspect the file system and manipulate those files, etc. After poking at the
source I did something really inelegant, I made it so the parser did not
recognize the import keyword, but I can't help but think there has to be a
better way (as well as unseen consequences I haven't run into yet).

I could inspect every single script being submitted, and I do, however the
intent is to release the codebase for others to build their own worlds with.
The engine is friendly enough that non-hardcore coders can use it, and the
API is self-sufficient, which means that all an admin has to do is learn the
basic lexical structure of Python to really take advantage of it. Still, I
don't want a situation to arise where someone has a bad day and decides to
run a script that deletes all the files in the directory or something.

I'm not sure if I'm articulating myself correctly, it's late and I've spent
the last hour or so poring over the documentation to see if I could find
something. Any advice?

---
Leo C.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/ironpython-users/attachments/20080314/951230a0/attachment.html>