[Python-Dev] Implementing restricted Python in Zope2
Guido van Rossum
guido at python.org
Thu Jul 17 23:04:34 CEST 2008
Thanks. Then python-dev is *definitely* the wrong forum. :-)
On Thu, Jul 17, 2008 at 1:26 PM, Phillip J. Eby <pje at telecommunity.com> wrote:
> At 11:27 AM 7/17/2008 -0700, Brett Cannon wrote:
>> On Thu, Jul 17, 2008 at 10:54 AM, ranjith kannikara
>> <ranjithkannikara at gmail.com> wrote:
>> > I have taken the gsoc 08 project of porting zope2 to python2.5.
>> > Through my way to the successful completion of the project I have to
>> > implement Restricted python in Zope2. I could only get the information
>> > that the python AST has not changed on moving from python2.4 to 2.5
>> > but Restricted Python is not well documented enough for a stident to
>> > test the Zope2 's Restricted Python implentation.
>> > As a student I am not familiar with Restricted Python and python AST
>> > implementation.And in need of help to start the Restricted Python
>> > implementation.
>> What do you mean, "Restricted Python"? If you mean rexec and Bastion,
>> they are no longer supported, and that began before 2.5.
> No, he means the restricted Python compiler and capability-proxy system used
> by Zope. You know, the one I always bring up whenever anybody says they
> want to implement capabilities in Python? ;-)
> Zope's restricted Python is basically a combination of a special compiler,
> __builtin__ replacements, and a proxy type. Instead of using LOAD_ATTR
> opcodes, the compiler generates code that calls a special getattr() function
> instead, and most objects other than relatively-safe builtin types are
> wrapped in proxies that control what attributes can be accessed and what
> operations can be performed.
> The restricted Python framework itself doesn't impose any particular
> security policy; proxies delegate checks to "checker" objects that are
> essentially capabilities. Mostly, it focuses on creating a safe sandbox
> that can be expanded.
> There are two parts to the implication; one is called RestrictedPython and
> lives at:
> The other part is "zope.security.untrustedpython", and it's part of the
> zope.security distribution; see:
> for its specific code and docs.
> Both packages appear to have automated tests.
> Python-Dev mailing list
> Python-Dev at python.org
--Guido van Rossum (home page: http://www.python.org/~guido/)
More information about the Python-Dev