[Python-Dev] Restricted interpreter

Gustavo Niemeyer niemeyer@conectiva.com
Fri, 8 Nov 2002 18:04:56 -0200


This weekend I'm going to work on a "restricted" python interpreter for
http://acm.uva.es/problemset/. That site offers online programming
contests, including an online judge to check algorithm implementations
for hundreds of problems. I believe it'd be nice for the Python community
to have access to something like that.

This interpreter should have limited functionality so that malicious users
won't be able to access the filesystem, sockets, and other "dangerous"
functionality.

I'm not sure if that will be useful for the stock Python interpreter,
as its application is very specific, but at least it could be a nice
starting point for similar projects.

I've included here a quick list of changes to the python interpreter to
achieve that. Do you remember any other possible problems?

- include a '-r' flag, which enables a global restricted flag, and
  implies -E and -S.

- depending on the flag, don't let scripts import posixmodule (we can't
  remove it, or python won't compile);

- depending on the flag, change the way module imports work, using only
  the sys.path Python has started with;

- depending on the flag, limit instantiation of 'file' types (remember that
  type(sys.stdout) returns the 'file' type, so removing it from builtins is
  not enough).

- remove all but the builtin modules which could be useful for some
  algorithm: _codecs, array, cmath, binascii, crypt, cStringIO, md5, math,
  _locale, _sre, pcre, pyexpat, regex, sha, strop, timing, struct, time,
  xreadlines, unicodedata, _weakref;

-- 
Gustavo Niemeyer

[ 2AAC 7928 0FBF 0299 5EB5  60E2 2253 B29A 6664 3A0C ]
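
The point in the list above about the 'file' type, as an added example that is not part of the original message: an audit that walks the namespace handed to a script and reports every path where a file object or file class is still reachable after open() has been removed from the builtins. It assumes Python 3, with io.IOBase standing in for the old 'file' type; the function names and the constructed sample stream are hypothetical.

```python
import builtins
import io
import types

FILE_BASE = io.IOBase  # assumption: Python 3 stand-in for the 2002 'file' type


def naive_namespace(stdout):
    """Globals for untrusted code: open() removed, a sys-like object still exposed."""
    safe = {k: v for k, v in vars(builtins).items() if k != "open"}
    return {"__builtins__": safe, "sys": types.SimpleNamespace(stdout=stdout)}


def type_seen_by_script(namespace):
    """Run the one-line check from the post inside the restricted namespace."""
    scope = dict(namespace)
    exec("t = type(sys.stdout)", scope)
    return scope["t"]


def children(obj):
    """Yield (label, value) pairs a script could reach from obj by lookup."""
    if isinstance(obj, dict):
        for key, value in obj.items():
            yield "[%r]" % (key,), value
    elif isinstance(obj, (types.ModuleType, types.SimpleNamespace)):
        for key, value in vars(obj).items():
            yield "." + key, value


def file_type_leaks(namespace, max_depth=3):
    """Return sorted paths to file objects or file classes reachable from namespace."""
    leaks, seen, stack = [], set(), [("", namespace, 0)]
    while stack:
        path, obj, depth = stack.pop()
        if id(obj) in seen:
            continue
        seen.add(id(obj))
        is_file_class = isinstance(obj, type) and issubclass(obj, FILE_BASE)
        if isinstance(obj, FILE_BASE) or is_file_class:
            leaks.append(path)
        elif depth < max_depth:
            stack.extend((path + lab, val, depth + 1) for lab, val in children(obj))
    return sorted(leaks)


if __name__ == "__main__":
    ns = naive_namespace(io.TextIOWrapper(io.BytesIO()))  # constructed sample stream
    print(type_seen_by_script(ns), file_type_leaks(ns))
```

The walk follows only dictionary and module attribute lookups, so an empty result means no file object is exposed by name, not that the namespace is safe.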