limited python virtual machine (WAS: Another scripting language implemented into Python itself?)

Steven Bethard steven.bethard at
Wed Jan 26 15:23:17 EST 2005

Jack Diederich wrote:
> On Wed, Jan 26, 2005 at 10:23:03AM -0700, Steven Bethard wrote:
>>Jack Diederich wrote:
>>>Yes, this comes up every couple months and there is only one answer:
>>>This is the job of the OS.
>>>Java largely succeeds at doing sandboxy things because it was written that 
>>>way from the ground up (to behave both like a program interpreter and an 
>>>Python the language was not, and the CPython interpreter definitely was 
>>>Search for previous discussions of this on
>>Could you give some useful queries?  Every time I do this search, I get 
>>a few results, but never anything that really goes into the security 
>>holes in any depth.  (They're ususally something like -- "look, given 
>>object, I can get int" not "look, given object, I can get eval, 
>>__import__, etc.)
> A search on "rexec bastion" will give you most of the threads, 
> search on "rexec bastion diederich" to see the other times I tried to
> stop the threads by reccomending reading the older ones *wink*.
> Thread subjects:
> Replacement for rexec/Bastion?
> Creating a capabilities-based restricted execution system
> Embedding Python in Python
> killing thread ?

Thanks for the keywords -- I hadn't tried anything like any of these. 
Unfortunately, they leave me with the same feeling as before...  The 
closest example that I saw that actually showed a security hole made use 
of __builtins__.  As you'll note from the beginning of this thread, I 
was considering the case where no builtins are provided and imports are 

I also read a number of messages that had the same problems I do -- too 
many threads just say "look at google groups", without saying what to 
search for.  They also often spend most of their time talking about 
abstract problems, without showing code that illustrates how to break 
the "security".  For example, I never found anything close to describing 
how to retrieve, say, 'eval' or '__import__' given only 'object'.

What would be really nice is a wiki that had examples of how to derive 
"unsafe" functions from 'object'.  I'd be glad to put one together, but 
so far, I can't find many examples...  If you want to consider reading 
and writing of files as "unsafe", then I guess this might be one:
     file = object.__subclasses__()[16]
If I could see how to go from 'object' (or 'int', 'str', 'file', etc.) 
to 'eval' or '__import__', that would help out a lot...


More information about the Python-list mailing list