Protected execution through tricks with namespace scoping

rturpin at my-deja.com rturpin at my-deja.com
Sun Jan 14 10:57:54 EST 2001


Two caveats. First, don't ask me why. Second, I'm thinking
out loud, or more accurately, thinking while I'm typing.
So there may be gaping errors in the idea below. Almost
certainly, there are programming errors. At his point, I'm
working on the concepts, not the syntax.

The goal is to execute plug-in modules in a fashion that
protects the surrounding program from accidental harm.
Let's assume the plug-in module is an importable file
that defines a set of functions. The surrounding program
wants to supply some named services that are available.
It seems something like the following would work:

  # Plug in "foo"
  dFooGlobals = {"svc1": func1, "svc2": func2}
  dFooGlobals.__builtins__ = copy.copy(__builtins__)
  dFooLocals = {}

  try:
      exec "import foo\n" in dFooGlobals, dFooLocals
      # register "foo" and its functions
  except:
      # Handle errors from import

Later on, a function f in foo would be invoked by:

  try:
      exec "f(args)\n" in dFooGlobals, dFooLocals
  except:
      # Handle errors from f()

Obviously, either foo or its functions could run forever,
without returning. Using Python modules that give them
access to the external environment, they might kill
processes, screw up files, etc. But is there any way,
strictly in Python, that either can screw up the
operation of the surrounding program?

Russell


Sent via Deja.com
http://www.deja.com/



More information about the Python-list mailing list