[Python-checkins] python/dist/src/Lib rexec.py,1.34,1.34.10.1

rhettinger@users.sourceforge.net rhettinger@users.sourceforge.net
Wed, 29 May 2002 16:44:52 -0700 

Update of /cvsroot/python/python/dist/src/Lib
In directory usw-pr-cvs1:/tmp/cvs-serv6575

Modified Files:
      Tag: release22-maint
	rexec.py 
Log Message:
Backport change to 1.35 adding doc strings

Index: rexec.py
===================================================================
RCS file: /cvsroot/python/python/dist/src/Lib/rexec.py,v
retrieving revision 1.34
retrieving revision 1.34.10.1
diff -C2 -d -r1.34 -r1.34.10.1
*** rexec.py	13 Oct 2001 18:34:42 -0000	1.34
--- rexec.py	29 May 2002 23:44:50 -0000	1.34.10.1
***************
*** 115,120 ****
  
  class RExec(ihooks._Verbose):
  
!     """Restricted Execution environment."""
  
      ok_path = tuple(sys.path)           # That's a policy decision
--- 115,130 ----
  
  class RExec(ihooks._Verbose):
+     """Basic restricted execution framework.
  
!     Code executed in this restricted environment will only have access to
!     modules and functions that are deemed safe; you can subclass RExec to
!     add or remove capabilities as desired.
! 
!     The RExec class can prevent code from performing unsafe operations like
!     reading or writing disk files, or using TCP/IP sockets.  However, it does
!     not protect against code using extremely large amounts of memory or
!     processor time.
! 
!     """
  
      ok_path = tuple(sys.path)           # That's a policy decision
***************
*** 136,139 ****
--- 146,176 ----
  
      def __init__(self, hooks = None, verbose = 0):
+         """Returns an instance of the RExec class.
+ 
+         The hooks parameter is an instance of the RHooks class or a subclass
+         of it.  If it is omitted or None, the default RHooks class is
+         instantiated.
+ 
+         Whenever the RExec module searches for a module (even a built-in one)
+         or reads a module's code, it doesn't actually go out to the file
+         system itself.  Rather, it calls methods of an RHooks instance that
+         was passed to or created by its constructor.  (Actually, the RExec
+         object doesn't make these calls --- they are made by a module loader
+         object that's part of the RExec object.  This allows another level of
+         flexibility, which can be useful when changing the mechanics of
+         import within the restricted environment.)
+ 
+         By providing an alternate RHooks object, we can control the file
+         system accesses made to import a module, without changing the
+         actual algorithm that controls the order in which those accesses are
+         made.  For instance, we could substitute an RHooks object that
+         passes all filesystem requests to a file server elsewhere, via some
+         RPC mechanism such as ILU.  Grail's applet loader uses this to support
+         importing applets from a URL for a directory.
+ 
+         If the verbose parameter is true, additional debugging output may be
+         sent to standard output.
+ 
+         """
          ihooks._Verbose.__init__(self, verbose)
          # XXX There's a circular reference here:
***************
*** 251,272 ****
--- 288,352 ----
  
      def r_exec(self, code):
+         """Execute code within a restricted environment.
+ 
+         The code parameter must either be a string containing one or more
+         lines of Python code, or a compiled code object, which will be
+         executed in the restricted environment's __main__ module.
+ 
+         """
          m = self.add_module('__main__')
          exec code in m.__dict__
  
      def r_eval(self, code):
+         """Evaluate code within a restricted environment.
+ 
+         The code parameter must either be a string containing a Python
+         expression, or a compiled code object, which will be evaluated in
+         the restricted environment's __main__ module.  The value of the
+         expression or code object will be returned.
+ 
+         """
          m = self.add_module('__main__')
          return eval(code, m.__dict__)
  
      def r_execfile(self, file):
+         """Execute the Python code in the file in the restricted
+         environment's __main__ module.
+ 
+         """
          m = self.add_module('__main__')
          execfile(file, m.__dict__)
  
      def r_import(self, mname, globals={}, locals={}, fromlist=[]):
+         """Import a module, raising an ImportError exception if the module
+         is considered unsafe.
+ 
+         This method is implicitly called by code executing in the
+         restricted environment.  Overriding this method in a subclass is
+         used to change the policies enforced by a restricted environment.
+ 
+         """
          return self.importer.import_module(mname, globals, locals, fromlist)
  
      def r_reload(self, m):
+         """Reload the module object, re-parsing and re-initializing it.
+ 
+         This method is implicitly called by code executing in the
+         restricted environment.  Overriding this method in a subclass is
+         used to change the policies enforced by a restricted environment.
+ 
+         """
          return self.importer.reload(m)
  
      def r_unload(self, m):
+         """Unload the module.
+ 
+         Removes it from the restricted environment's sys.modules dictionary.
+ 
+         This method is implicitly called by code executing in the
+         restricted environment.  Overriding this method in a subclass is
+         used to change the policies enforced by a restricted environment.
+ 
+         """
          return self.importer.unload(m)
  
***************
*** 326,344 ****
--- 406,491 ----
  
      def s_exec(self, *args):
+         """Execute code within a restricted environment.
+ 
+         Similar to the r_exec() method, but the code will be granted access
+         to restricted versions of the standard I/O streams sys.stdin,
+         sys.stderr, and sys.stdout.
+ 
+         The code parameter must either be a string containing one or more
+         lines of Python code, or a compiled code object, which will be
+         executed in the restricted environment's __main__ module.
+ 
+         """
          return self.s_apply(self.r_exec, args)
  
      def s_eval(self, *args):
+         """Evaluate code within a restricted environment.
+ 
+         Similar to the r_eval() method, but the code will be granted access
+         to restricted versions of the standard I/O streams sys.stdin,
+         sys.stderr, and sys.stdout.
+ 
+         The code parameter must either be a string containing a Python
+         expression, or a compiled code object, which will be evaluated in
+         the restricted environment's __main__ module.  The value of the
+         expression or code object will be returned.
+ 
+         """
          return self.s_apply(self.r_eval, args)
  
      def s_execfile(self, *args):
+         """Execute the Python code in the file in the restricted
+         environment's __main__ module.
+ 
+         Similar to the r_execfile() method, but the code will be granted
+         access to restricted versions of the standard I/O streams sys.stdin,
+         sys.stderr, and sys.stdout.
+ 
+         """
          return self.s_apply(self.r_execfile, args)
  
      def s_import(self, *args):
+         """Import a module, raising an ImportError exception if the module
+         is considered unsafe.
+ 
+         This method is implicitly called by code executing in the
+         restricted environment.  Overriding this method in a subclass is
+         used to change the policies enforced by a restricted environment.
+ 
+         Similar to the r_import() method, but has access to restricted
+         versions of the standard I/O streams sys.stdin, sys.stderr, and
+         sys.stdout.
+ 
+         """
          return self.s_apply(self.r_import, args)
  
      def s_reload(self, *args):
+         """Reload the module object, re-parsing and re-initializing it.
+ 
+         This method is implicitly called by code executing in the
+         restricted environment.  Overriding this method in a subclass is
+         used to change the policies enforced by a restricted environment.
+ 
+         Similar to the r_reload() method, but has access to restricted
+         versions of the standard I/O streams sys.stdin, sys.stderr, and
+         sys.stdout.
+ 
+         """
          return self.s_apply(self.r_reload, args)
  
      def s_unload(self, *args):
+         """Unload the module.
+ 
+         Removes it from the restricted environment's sys.modules dictionary.
+ 
+         This method is implicitly called by code executing in the
+         restricted environment.  Overriding this method in a subclass is
+         used to change the policies enforced by a restricted environment.
+ 
+         Similar to the r_unload() method, but has access to restricted
+         versions of the standard I/O streams sys.stdin, sys.stderr, and
+         sys.stdout.
+ 
+         """
          return self.s_apply(self.r_unload, args)
  
***************
*** 346,349 ****
--- 493,508 ----
  
      def r_open(self, file, mode='r', buf=-1):
+         """Method called when open() is called in the restricted environment.
+ 
+         The arguments are identical to those of the open() function, and a
+         file object (or a class instance compatible with file objects)
+         should be returned.  RExec's default behaviour is allow opening
+         any file for reading, but forbidding any attempt to write a file.
+ 
+         This method is implicitly called by code executing in the
+         restricted environment.  Overriding this method in a subclass is
+         used to change the policies enforced by a restricted environment.
+ 
+         """
          if mode not in ('r', 'rb'):
              raise IOError, "can't open files for writing in restricted mode"