limited python virtual machine (WAS: Another scripting language implemented into Python itself?)
Jack Diederich
jack at performancedrivers.com
Wed Jan 26 12:03:01 EST 2005
On Wed, Jan 26, 2005 at 05:18:59PM +0100, Alexander Schremmer wrote:
> On Tue, 25 Jan 2005 22:08:01 +0100, I wrote:
>
> >>>> sys.safecall(func, maxcycles=1000)
> > could enter the safe mode and call the func.
>
> This might be even enhanced like this:
>
> >>> import sys
> >>> sys.safecall(func, maxcycles=1000,
> allowed_domains=['file-IO', 'net-IO', 'devices', 'gui'],
> allowed_modules=['_sre'])
>
> Any comments about this from someone who already hacked CPython?
Yes, this comes up every couple months and there is only one answer:
This is the job of the OS.
Java largely succeeds at doing sandboxy things because it was written that
way from the ground up (to behave both like a program interpreter and an OS).
Python the language was not, and the CPython interpreter definitely was not.
Search groups.google.com for previous discussions of this on c.l.py
-Jack
More information about the Python-list
mailing list