[Python-Dev] For sandboxing: alternative to crippling file()
Brett Cannon
brett at python.org
Fri Jun 30 20:09:58 CEST 2006
On 6/30/06, Armin Rigo <arigo at tunes.org> wrote:
>
> Hi Brett,
>
> On Thu, Jun 29, 2006 at 11:48:36AM -0700, Brett Cannon wrote:
> > 1) Is removing 'file' from the builtins dict in PyInterpreterState (and
> > maybe some other things) going to be safe enough to sufficiently hide
> 'file'
> > confidently (short of someone being stupid in their C extension module
> and
> > exposing 'file' directly)?
>
> No.
>
> >>> object.__subclasses__()
> [..., <type 'file'>]
>
> Maybe this one won't work if __subclasses__ is forbidden, but in general
> I think there *will* be a way to find this object.
Yeah, that's been my (what I thought was paranoid) feeling. Glad I am not
the only one who thinks that hiding file() is near impossible.
-Brett
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.python.org/pipermail/python-dev/attachments/20060630/79a5d0be/attachment.htm
More information about the Python-Dev
mailing list