[Python-Dev] Restricted interpreter

Guido van Rossum guido@python.org
Fri, 08 Nov 2002 15:22:28 -0500


> This weekend I'm going to work on a "restricted" python interpreter for
> http://acm.uva.es/problemset/. That site offers online programming
> contests, including an online judge to check algorithm implementations
> for hundreds of problems. I believe it'd be nice for the Python community
> to have access to something like that.
> 
> This interpreter should have limited functionality so that malicious users
> won't be able to access the filesystem, sockets, and other "dangerous"
> functionality.
> 
> I'm not sure if that will be useful for the stock Python interpreter,
> as its application is very specific, but at least it could be a nice
> starting point for similar projects.
> 
> I've included here a quick list of changes to the python interpreter to
> achieve that. Do you remember about any other possible problems?
> 
> - include a '-r' flag, which enables a global restricted flag, and
>   implies -E, and -S.
> 
> - depending on the flag, don't let scripts import posixmodule, (we can't
>   remove it, or python won't compile);
> 
> - depending on the flag, change the way module imports work, using only
>   the sys.path Python has started with;
> 
> - depending on the flag, limit instantiation of 'file' types (remember that
>   type(sys.stdout) returns the 'file' type, so removing it from builtins is
>   not enough).
> 
> - remove all but the builtin modules which could be useful for some
>   algorithm: _codecs, array, cmath, binascii, crypt, cStringIO, md5, math,
>   _locale, _sre, pcre, pyexpat, regex, sha, strop, timing, struct, time,
>   xreadlines, unicodedata, _weakref;

Are you aware of the standard library module 'rexec'?

--Guido van Rossum (home page: http://www.python.org/~guido/)
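
The point in the quoted list that `type(sys.stdout)` still yields the file type, carried over to Python 3 as an added example (not code from either poster or from the Python project): removing `open` from the builtins is shown beside a flag-gated audit hook that refuses file opens. The names `RESTRICTED`, `denied`, `run` and `UNTRUSTED` and the sample data are constructed for illustration, and the block assumes Python 3.8+ for `sys.addaudithook`.

```python
import io
import os
import sys
import tempfile

RESTRICTED = False  # stands in for the proposed global '-r' flag
denied = []         # paths whose open was refused while restricted

def _hook(event, args):
    # Every file-type constructor (open(), io.FileIO, ...) raises "open".
    if RESTRICTED and event == "open":
        denied.append(args[0])
        raise PermissionError("file access denied in restricted mode")

# Hooks cannot be removed once added, hence the flag. Audit hooks are a
# detection aid, not a security boundary on their own.
sys.addaudithook(_hook)

# Constructed submission: 'open' is absent from its builtins, but the file
# type is still reachable from the stream object it was handed.
UNTRUSTED = "f = type(out)(path)\nleak = f.read()\nf.close()\n"

def run(source, restricted):
    """Exec source with stripped builtins; return what it read, or None."""
    global RESTRICTED
    with tempfile.NamedTemporaryFile(delete=False) as tmp:
        tmp.write(b"judge-secret")        # constructed sample data
    out = io.FileIO(os.devnull, "w")      # plays the role of sys.stdout
    env = {"__builtins__": {"type": type}, "out": out, "path": tmp.name}
    RESTRICTED = restricted
    try:
        exec(source, env)
        return env["leak"]
    except PermissionError:
        return None
    finally:
        RESTRICTED = False
        out.close()
        os.unlink(tmp.name)

if __name__ == "__main__":
    print("builtins stripped only:", run(UNTRUSTED, False))
    print("with open-event hook:  ", run(UNTRUSTED, True), denied)
```

While the flag is set the hook refuses every open in the process, imports included, so it is raised only around the `exec` call.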