nospam at nospam.nospam
Mon Aug 22 08:04:26 CEST 2005
Clearly, Python does not directly offer any kind of useful security sandbox
capability, but since Java does, I suppose JPython is an option. I know there
are a lot of downsides to JPython, but it should be a genuine solution to the
On Sat, 20 Aug 2005 10:21:06 GMT, 42 <nospam at nospam.com> wrote:
>I'm extremely new to python, and am looking at using it as an embedded
>script engine in a dotnet project I'm working on. I'm currently playing
>with the "Python for Net" (http://www.zope.org/Members/Brian/PythonNet)
>stuff, and it seems to work well.
>Googling for information on securing Python in a "sandbox" seems to
>indicate that there are some built in features, but they aren't really
>trustworthy. Is that correct?
>For my purposes, I really just want to let users run in a sandbox, with
>access to only the language, manipulate a few published objects in the
>application (and perhaps give them some string and math libraries if
>I was wondering if it would be effective to pre-parse incoming scripts
>and reject those containing "import"? I'd also have the application
>inject the (short) list of trusted imports to the script before passing
>it to the interpreter.
>In theory I'm hoping this would mean script writers would have access to
>the stuff they need and no way to add in anything else.
>Would this be sufficient? Are there any drawbacks or giant gaping holes?
>I'm anticipating that I'd also need to block 'exec' and 'eval' to
>prevent an import from being obfuscated past the pre-parse.
>Or is this a hopeless cause?
>Finally, either way, would anyone recommend a different script engine
>that might be more suitable for what I'm trying to accomplish that I
>might not have looked at. I don't need much; it needs to work with C#,
>and be able to easily interact with 'published' interface. I'd also like
>to leverage a "popular" language instead of something obscure.
>interpreter into a C# app. There's some CodeDom stuff with JScript, but
>that seemed backwards...overkill; I don't really want to compile
>temporary assemblies for hundreds of 2 and 3 line scripts... and the VSA
>stuff has been marked deprecated with no apparent successor... seems
>like I jumped into this at precisely the wrong time. :)
>Any thoughts, insights, or comments welcome. Forgive my lack of Python
>savvy... I've only been playing with it for a few hours now; after
>bumping into the "python for net" link.
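
The pre-parse idea from the quoted question, as an added example that is not part of either post: a substring check for "import" is compared with a syntax-tree check over the constructs the question names (import statements, `exec`, `eval`). It assumes Python 3 and its standard `ast` module; the function names and sample scripts are constructed for illustration, and the check covers only those named constructs, so it is a filter and not an isolation boundary.

```python
import ast

# Names the quoted question proposes to block; hypothetical policy for this example.
BLOCKED_CALLS = {"exec", "eval"}

def naive_prefilter(source):
    """The text check from the question: accept only if 'import' never appears."""
    return "import" not in source

def ast_prefilter(source):
    """Return a list of findings; an empty list means the script passed."""
    try:
        tree = ast.parse(source)
    except SyntaxError as exc:
        return ["line %s: does not parse (%s)" % (exc.lineno, exc.msg)]
    findings = []
    for node in ast.walk(tree):
        if isinstance(node, (ast.Import, ast.ImportFrom)):
            findings.append("line %d: import statement" % node.lineno)
        elif (isinstance(node, ast.Call) and isinstance(node.func, ast.Name)
              and node.func.id in BLOCKED_CALLS):
            findings.append("line %d: call to %s()" % (node.lineno, node.func.id))
    return findings

# Constructed sample scripts, not taken from the thread.
SAMPLES = {
    "plain": "total = price * qty\n",
    "comment": "# important: apply discount\ntotal = price * 0.9\n",
    "import": "import os\n",
    "exec": "exec('imp' + 'ort os')\n",
}

def compare():
    """Map sample name -> (naive check accepts?, AST check accepts?)."""
    return {name: (naive_prefilter(src), not ast_prefilter(src))
            for name, src in SAMPLES.items()}

if __name__ == "__main__":
    for name, verdict in compare().items():
        print(name, verdict)
```

The substring check rejects the harmless "comment" script and accepts the "exec" script, which is the obfuscation case the question anticipates; the syntax-tree check gets both of those right.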