restricted execution
Steve Purcell
stephen_purcell at yahoo.com
Sat Mar 31 12:20:34 EST 2001
Kendall wrote:
>
> dict = {}
> for i in AllowedBuiltinList :
> exec "dict['" + i + "'] = " + i
>
> __builtins__ = dict
> del dict
>
> Where the AllowedBuiltinList is missing things like __import__, open, and
> eval.
> If I paste this in every user defined module, have I effectively prevented all
> access to the file system and network? I'm not letting them import sys or
> os in their module either.
Have you tried to use the built-in module 'rexec' for such restricted
execution support? You might find it easier.
-Steve
--
Steve Purcell, Pythangelist
Get testing at http://pyunit.sourceforge.net/
Any opinions expressed herein are my own and not necessarily those of Yahoo
More information about the Python-list
mailing list