[Python-Dev] Implementing restricted Python in Zope2

Shane Hathaway shane at hathawaymix.org
Thu Jul 17 20:42:21 CEST 2008


ranjith kannikara wrote:
> As a student I am not familiar with Restricted Python and python AST
> implementation.And in need of help to start the Restricted Python
> implementation.

Here is some context for Python-Dev.

RestrictedPython is a custom Python compiler that, when combined with a 
restricted environment, provides a sandbox safe enough to allow 
partly-trusted people to write and execute scripts on a Zope server.  It 
has been used in Zope 2 for a long time and will have a future in Zope 
3.  The sandbox is more extensive than what the rexec module provides.

The safety of RestrictedPython has been validated in a somewhat formal 
process with Python 2.4.  Ranjith is working to validate it with Python 
2.5.  He is first working to discover all changes between Python 2.4 and 
2.5 that might have affected the safety of a RestrictedPython sandbox. 
Any changes to the AST, builtin functions, methods of builtin types, 
etc., need to be evaluated for safety.

So, in general, he is looking for detailed lists of changes between 
Python 2.4 and 2.5--more than the "What's New" doc.

Shane


More information about the Python-Dev mailing list