[Python-Dev] Some news from my sandbox project
Victor Stinner
victor.stinner at haypocalc.com
Sat Sep 18 12:05:26 CEST 2010
Le samedi 18 septembre 2010 10:39:58, Robert Collins a écrit :
> __builtins__ is in everyone's global namespace, so if it can be
> mutated, different python programs running in the same sandbox can
> affect each other.
>
> Ditto sys.modules and os environ, but I guess that those are already
> addressed.
sys.modules and os.environ are not accessible in pysandbox :-) If you create a
rule in the security policy to allow them, you will get read only views.
Example with sys.modules:
sandbox>>> from sys import modules
sandbox>>> modules['sys']
TypeError: Unable to proxy a value of type <type 'module'>
sandbox>>> modules['sys']=1
SandboxError: Read only object
Builtin module type is blocked because it is unsafe.
--
Victor Stinner
http://www.haypocalc.com/
More information about the Python-Dev
mailing list