[pypy-dev] Re: Mixed modules for both PyPy and CPython
"news-8a9e0fd91190ca" at northportal.net
Wed Apr 12 20:43:57 CEST 2006
There is one other issue which may be relevant: restricted python.
Restricted python implementations recently showed up on the py3k list as
a wishlist item - and they are wanted even for python 2.X.
I thought that pypy might be the answer to these restricted python
wishes. Implementation would be as follows:
For all allowed functionality, create a compilable pypy extension to
For restricted functionality, delegate to a CPyObjectSpace which could
allow/disallow or modify the operation.
What makes this work where CPy couldn't is the ability to use two
different cooperating object spaces to evaluate an expression. CPy
doesn't have the object space abstraction which would allow this sort of
Another benefit is that different restricted interpreters could be
created, each with a different set of allowed and disallowed operations.
(compile a restricted PyPy - rpy - as a CPy extension here)
>>> import rpy
>>> def filehandler(fname, mode):
... if fname in ['allowed1.txt', 'allowed2.txt']:
... return open(fname, mode)
... raise rpy.Restricted('File access not permitted')
>>> interp = rpy.new() # restrictions were defined at compile time
>>> # Add a callback for some restricted functionality
>>> interp.add_handler('file', filehandler)
>>>> # Now in rpy
>>>> 2 + 3 # Allowed operation, didn't hit any restrictions
>>>> open('allowed1.txt', 'r') # allowed by handler
<Restricted File 'allowed1.txt' at 0x23891910>
>>>> open('disallowed.txt', 'r') # disallowed by handler
Traceback (most recent call last):
File "<interp_stdin>", line 1, in ?
__main__.__interp__.Restricted: File access not permitted
Would either of these approaches lend itself better to this sort of
restricted execution idea?
More information about the Pypy-dev