Another scripting language implemented into Python itself?

Terry Reedy tjreedy at
Tue Jan 25 14:51:24 EST 2005

"Cameron Laird" <claird at> wrote in message 
news:bt6ic2-7dg.ln1 at
> The original poster wants to work in Python.  That's
> fine.  Several of us have suggested he further
> expose Python itself to his end-users as an extension
> language.  That certainly is feasible.  He needn't
> explain all of Python to those end-users--probably
> only a bit about "assignments", control structures,
> and maybe lists.
> That approach creates a sort of fragility, though.
> Python includes, along with much else, os.unlink().
> Suppose our original poster doesn't want end-users
> to be able to delete files (or directories ...).

I don't remember if the OP specified *where* the scripted application is to 
be run.  If on a server, then *any* language with loops is vulnerable to 
malicious users.  If on a person's own desktop machine, where one can run 
'diskformat' or the equivalent, or pick up and drop the machine, then 
worrying about Python security seems superfluous.  Why worry, for instance, 
about os.unlink when the user can just do the same much easier in a text or 
gui shell?

Terry J. Reedy

More information about the Python-list mailing list