[Python-ideas] A limited exec
Hua Lu
gotoalanlu at gmail.com
Fri Jul 19 09:43:05 CEST 2013
Hey Laurens,
Thanks for the feedback. I am still waiting for NumPy in PyPy mostly. I
know this blacklist approach is a losing battle, but for the time being,
maybe it could be of value?
I am aware that f_globals could break things. However, barring 'private'
attribute access, I am wondering if it is reachable. I used the code from
http://www.reddit.com/r/Python/comments/hftnp/ask_rpython_recovering_cleared_globals/c1v3l4ias
a test.
Can you give me a code snippet which breaks this?
Sincerely,
Alan
On Fri, Jul 19, 2013 at 2:25 AM, Laurens Van Houtven <_ at lvh.io> wrote:
> Hi Alan,
>
>
> I've pretty much broken it, just translating it to 3.x.
>
> Please document that it's 3.x only, that's why it's taking longer than a
> few minutes. func_globals is named differently, chr doesn't exist anymore...
>
> Anyway, this approach doesn't work well: if you want secure execution,
> please look at PyPy's sandbox mode :)
>
> cheers
> lvh
>
>
> On Fri, Jul 19, 2013 at 8:19 AM, Hua Lu <gotoalanlu at gmail.com> wrote:
>
>> Hi, I've attempted to make exec/eval a bit safer. May I please have some
>> feedback?
>>
>> https://github.com/cag/execgate
>>
>> Thanks,
>> Alan
>>
>> _______________________________________________
>> Python-ideas mailing list
>> Python-ideas at python.org
>> http://mail.python.org/mailman/listinfo/python-ideas
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-ideas/attachments/20130719/926aad06/attachment.html>
More information about the Python-ideas
mailing list