[Python-Dev] Restricted interpreter

Guido van Rossum guido@python.org
Fri, 08 Nov 2002 15:22:28 -0500

> This weekend I'm going to work on a "restricted" python interpreter for
> http://acm.uva.es/problemset/. That site offers online programming
> contests, including an online judge to check algorithm implementations
> for hundreds of problems. I belive it'd be nice for the Python community
> to have access to something like that.
> This interpreter should have limited functionality so that malicious users
> won't be able to access the filesystem, sockets, and other "dangerous"
> functionality.
> I'm not sure if that will be useful for the stock Python interpreter,
> as its application is very specific, but at least it could be a nice
> starting point for similar projects.
> I've included here a quick list of changes to the python interpreter to
> achieve that. Do you remember about any other possible problems?
> - include a '-r' flag, which enables a global restricted flag, and
>   implies -E, and -S.
> - depending on the flag, don't let scripts import posixmodule, (we can't
>   remove it, or python won't compile);
> - depending on the flag, change the way module imports work, using only
>   the sys.path Python has started with;
> - depending on the flag, limit instantiation of 'file' types (remember that
>   type(sys.stdout) returns the 'file' type, so removing it from builtins is
>   not enough).
> - remove all, but the builtin modules which could be useful for some
>   algorithm: _codecs, array, cmath, binascii, crypt, cStringIO, md5, math,
>   _locale, _sre, pcre, pyexpat, regex, sha, strop, timing, struct, time,
>   xreadlines, unicodedata, _weakref;

Are you aware of the standard library module 'rexec'?

--Guido van Rossum (home page: http://www.python.org/~guido/)