Secure Python

Fredrik Tolf fredrik at dolda2000.com
Thu Nov 16 04:02:58 CET 2006


Hi List!

I was thinking about secure Python code execution, and I'd really
appreciate some comments from those who know Python better than I do.

I was thinking that maybe it could be possible to load and run untrusted
Python code, simply by loading it in a module with a modified version of
__builtins__. Without any reachable function that do unsafe operations,
code running from there shouldn't be able to do evil things.

Or? What would happen to `import'? Would it be possible to set a null
import path for a specific module. Are there any other ways to reach
modules/functions that would make this impossible (I don't seem to be
able to remember, but aren't there cross-references somewhere to the
defining modules of data passed to the code in the secure module)?

If this doesn't work, might there be some other way to run untrusted
code that I haven't thought of (apart from using O/S-specific stuff like
SECCOMD, of course).

Thank you very much for your time!

Fredrik Tolf





More information about the Python-list mailing list