[Python-checkins] r55086 - python/branches/bcannon-objcap/BRANCH_NOTES python/branches/bcannon-objcap/secure_python.c
brett.cannon
python-checkins at python.org
Thu May 3 00:30:25 CEST 2007
Author: brett.cannon
Date: Thu May 3 00:30:22 2007
New Revision: 55086
Modified:
python/branches/bcannon-objcap/BRANCH_NOTES
python/branches/bcannon-objcap/secure_python.c
Log:
Remove 'open' and 'execfile'.
Unfortunately this breaks the importation of Python source code as
importlib no longer can access 'open' through the built-in namespace.
Need to decide best way to save reference to the 'open' (either just global
variable or something more like an attribute on the right class?).
Modified: python/branches/bcannon-objcap/BRANCH_NOTES
==============================================================================
--- python/branches/bcannon-objcap/BRANCH_NOTES (original)
+++ python/branches/bcannon-objcap/BRANCH_NOTES Thu May 3 00:30:22 2007
@@ -12,7 +12,7 @@
======
Status
======
-* Remove dangerous built-ins.
+* Decide how to squirrel away and access 'open'.
* Turn on whitelisting.
* Write tests.
Modified: python/branches/bcannon-objcap/secure_python.c
==============================================================================
--- python/branches/bcannon-objcap/secure_python.c (original)
+++ python/branches/bcannon-objcap/secure_python.c Thu May 3 00:30:22 2007
@@ -102,6 +102,10 @@
PyDict_Clear(PyDict_GetItemString(interp->sysdict,
"path_importer_cache"));
+ /* Remove dangerous built-ins. */
+ PyDict_DelItemString(interp->builtins, "execfile");
+ PyDict_DelItemString(interp->builtins, "open");
+
/* Use interpreter. */
return_val = Py_Main(argc, argv);
/* Tear down interpreter. */
More information about the Python-checkins
mailing list