Using python for writing models: How to run models in restricted python mode?

Mike Meyer mwm at
Tue Nov 8 00:13:35 CET 2005

"vinjvinj" <vinjvinj at> writes:

> While I understand 2 is very hard (if not impossible) to do in single
> unix process. I'm not sure why 1 would be hard to do. Since I have
> complete control to what code I can allow or not allow on my grid. Can
> i not just search for certain strings and disallow the model if it
> fails certain conditions. It might not be 100% secure but will it not
> get me at 90%...

Sure you can search for certain strings. Python lets you build strings
dynamically, so you'd have to search for every possible way to create
those strings. Further, Python provides lots of tools for
introspection, meaning there are lots of ways to find these
"forbidden" objects other than mentioning their name.

You can get to *every* builtin function through any python module. For
instance, are you going to prevent them from using regular
rexpressions? If not, consider:

>>> getattr(re, ''.join([chr(x + 1) for x in [94, 94, 97, 116, 104, 107, 115, 104, 109, 114, 94, 94]]))['fi' + 'le'] is open

String searches only prevent the most obvious abuses, and may well
miss things that are merely not quite so obvious. If you think of your
"security" as a notice to the end user that they are doing something
wrong, as opposed to a tool that will prevent them from doing it, then
you'll have the right idea. In which case, I'd still recommend looking
into the rexec module.

Mike Meyer <mwm at>
Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information.

More information about the Python-list mailing list