limited python virtual machine (WAS: Another scripting language implemented into Python itself?)

Alexander Schremmer 2004b at usenet.alexanderweb.de
Wed Jan 26 17:18:59 CET 2005


On Tue, 25 Jan 2005 22:08:01 +0100, I wrote:

>>>> sys.safecall(func, maxcycles=1000)
> could enter the safe mode and call the func.

This might be even enhanced like this:

>>> import sys
>>> sys.safecall(func, maxcycles=1000,
                 allowed_domains=['file-IO', 'net-IO', 'devices', 'gui'],
                 allowed_modules=['_sre'])

Every access to objects that are not in the specified domains are
restricted by the interpreter. Additionally, external modules (which are
expected to be not "decorated" by those security checks) have to be in the
modules whitelist to work flawlessy (i.e. not generate exceptions).

Any comments about this from someone who already hacked CPython?

Kind regards,
Alexander



More information about the Python-list mailing list