securing a python execution environment...

Chris Withers chris at simplistix.co.uk
Mon Nov 19 12:16:35 CET 2007


Hi All,

I'm trying to build a secure execution environment for bits of python 
for two reasons:

- to allow users of the system to write scripts in python without 
circumventing the application's security model

- to allow the system to have an environment where security is handled 
without having to do explicit checks in every piece of example code.

This second point is better demonstrated by an example:

Bad:

 >>> from security import check,AccessDenied
 >>> if check(someobj,'someattr'):
 >>>   print someattr
 >>> else:
 >>>   raise AccessDenied("can't access 'someattr')
Traceback (most recent call last):
   File "<stdin>", line ?, in ?
AccessDenied: can't access 'someattr'

Good:

 >>> someobj.someattr
Traceback (most recent call last):
   File "<stdin>", line ?, in ?
AccessDenied: can't access 'someattr'

Now, I think I can get a lot of this from Zope 3's security proxy 
objects, however I need to find a way to limit the importing of modules 
to, for example, prevent people importing the method that unwraps the 
proxy objects ;-)

Have other people bumped into this problem?
What solutions do people recommend?

cheers,

Chris

-- 
Simplistix - Content Management, Zope & Python Consulting
            - http://www.simplistix.co.uk



More information about the Python-list mailing list