Safe eval?
Geoff Gerrietts
geoff at gerrietts.net
Tue Apr 16 18:05:04 EDT 2002
Quoting Philipp Lenssen (lenssen at hitnet.rwth-aachen.de):
> "Geoff Gerrietts" <geoff at gerrietts.net> wrote in message
> news:mailman.1018991313.16792.python-list at python.org...
> > Quoting Philipp Lenssen (lenssen at hitnet.rwth-aachen.de):
> > > I just realized, as opposed to PHP, there's much stricter namespaces in
> > > Python and maybe not using "import" on anything harmful could be the
> > > solution?
> >
> > You can hack on the rexec module to make it do what you want to do;
> > that's what I do. It may or may not provide ample security for your
> > purposes; it's certainly better than a raw eval().
> >
> > The code I use is attached; under 2.something,
>
> Thanks! I will try out your class and simply use it if it does what I want.
> Please email me if you a) don't want me to use it xor b) don't want to get
> credited in the source file or the http://questml.com webpage.
>
> > this breaks unless you
> > override make_re to pass.
> >..
>
> Could you explain that? I didn't understand...
Sorry, I went and did it in the code I sent, then forgot to remove the
straggler lines from the message. Under 2.1 or 2.2 (I forget which, I
think 2.2) the RExec class calls make_re() in its __init__, and
make_re() breaks if sre isn't in the list of allowed imports.
I'd give some serious consideration to Andrew Dalke's solution, too.
That may be a quicker route to exactly where my complicated route gets
you -- I think that when I wrote this, I'd tried eval(string, {}, {})
and never even considered replacing the __builtins__ namespace with an
empty dictionary.
I'm considering refactoring, myself....
--G.
--
Geoff Gerrietts
geoff at gerrietts dot net
http://www.gerrietts.net/
"Democracy is a form of government that substitutes election by the incompetent many for appointment by the corrupt few." --George Bernard Shaw
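The message above contrasts eval(string, {}, {}) with the approach of replacing __builtins__ in the globals dict by an empty dictionary. The following is an added example, not code from the original thread or from either poster; it is written for Python 3 (the thread concerns Python 2.x and the rexec module, which was later disabled and removed). The helper names eval_default_globals, eval_no_builtins, literal_only and probe are my own. It shows that passing empty dicts does not hide any builtin, that an empty __builtins__ entry makes builtin names unresolvable, and that ast.literal_eval is the data-only alternative when the input is meant to be a literal rather than code:

```python
"""Added example: how the globals passed to eval() decide which builtins the
evaluated string can reach, plus a literal-only alternative.  Not part of the
original mailing-list thread."""
import ast


def eval_default_globals(expr: str):
    """eval() with empty dicts: CPython inserts the real __builtins__ into a
    globals dict that lacks one, so every builtin (len, __import__, ...)
    is still reachable from the expression."""
    return eval(expr, {}, {})


def eval_no_builtins(expr: str):
    """The __builtins__-replacement idea discussed in the thread: supply a
    globals dict whose __builtins__ entry is empty so no builtin name
    resolves.  This only removes names from the lookup path; it is not a
    sandbox and should not be treated as one."""
    return eval(expr, {"__builtins__": {}}, {})


def literal_only(expr: str):
    """ast.literal_eval accepts Python literals only (numbers, strings,
    bytes, tuples, lists, dicts, sets, booleans, None) and rejects names,
    calls and attribute access, so it never executes code."""
    return ast.literal_eval(expr)


def probe(fn, expr: str) -> str:
    """Run fn(expr) and summarise the outcome: 'ok:<repr>' on success,
    otherwise the exception class name."""
    try:
        return f"ok:{fn(expr)!r}"
    except Exception as exc:  # report the failure type, do not swallow it
        return type(exc).__name__


if __name__ == "__main__":
    # Constructed sample expressions used to compare the three strategies.
    for expr in ("1 + 2", "len('abc')", "__import__('os')", "[1, 'a']"):
        print(f"{expr!r:22} default={probe(eval_default_globals, expr):14}"
              f" no_builtins={probe(eval_no_builtins, expr):14}"
              f" literal={probe(literal_only, expr)}")
```

The difference between the first two columns is the whole point of the thread: empty positional dicts change nothing about builtin visibility, while an empty __builtins__ entry turns each builtin lookup into a NameError. Arithmetic still works in both, because it needs no names. The third column is the practical mitigation when what you really want is to parse data, which was the case for most "safe eval" requests of that era.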