Steve Jorgensen nospam at nospam.nospam
Mon Aug 22 08:04:26 CEST 2005

Clearly, Pyton does not directly offer any kind of useful security sandbox
capability, but since Java does, I suppose JPython is an option.  I know there
are a lot of downsides to JPython, but it should be a genuine solution to the
sandbox problem.

On Sat, 20 Aug 2005 10:21:06 GMT, 42 <nospam at> wrote:

>I'm extremely new to python, and am looking at using it as an embedded 
>script engine in a dotnet project I'm working on. I'm currently playing 
>with the "Python for Net" ( 
>stuff, and it seems to work well.
>Googling for information on securing Python in a "sandbox" seems 
>indicate that there are some built in features, but they aren't really 
>trustworthy. Is that correct?
>For my purposes, I really just want to let users run in a sandbox, with 
>access to only the language, manipuate a few published objects in the 
>application (and perhaps give them some string and math libraries if 
>I was wondering if it would be effective to pre-parse incoming scripts 
>and reject those containing "import"? I'd also have the application 
>inject the (short) list of trusted imports to the script before passing 
>it to the interpreter.
>In theory I'm hoping this would mean script writers would have access to 
>the stuff they need and no way to add in anything else.
>Would this sufficient? Are there any drawbacks or giant gaping holes? 
>I'm anticipating that I'd also need to block 'exec' and 'eval' to 
>prevent an import from being obfuscated past the pre-parse.
>Or is this a hopeless cause? 
>Finally, either way, would anyone recommend a different script engine 
>that might be more suitable for what I'm trying to accomplish that I 
>might not have looked at. I don't need much; it needs to work with C#, 
>and be able to easily interact with 'published' interface. I'd also like 
>to leverage a "popular" language instead of something obscure.
>I also looked at Javascript, but couldn't find a way to embed an 
>interpreter into a C# app. There's some CodeDom stuff with JScript, but 
>that seemed backwards...overkill; I don't really want to compile 
>temporary assemblies for hundreds of 2 and 3 line scripts... and the VSA 
>stuff has been marked deprecated with no apparent successor... seems 
>like I jumped into this at precisely the wrong time. :)
>Any thoughts, insights, or comments welcome. Forgive my lack of Python 
>savvy... I've only been playing with it for a few hours now; after 
>bumping into the "python for net" link.

More information about the Python-list mailing list