Embedded python 'scripting engine' inside Python app

Patrick Stinson patrickkidd at gmail.com
Sun Nov 23 14:20:03 CET 2014


I think this is the way I’ll take it, and for all the same reasons. The only way they can break it is if they really want to. I guess anything other Franken-apps would be interesting to hear about too. And I’ll still stick it on the app store.


> On Nov 23, 2014, at 1:35 AM, Chris Angelico <rosuav at gmail.com> wrote:
> 
> On Sun, Nov 23, 2014 at 9:28 PM, Patrick Stinson <patrickkidd at gmail.com> wrote:
>> Thanks for your great reply. I even augmented the reloading with the same
>> dict by clearing all of the non-standard symbols from the dict. This
>> effectively resets the dict:
> 
> You may as well start with an empty dict and then pick up the few
> things you want, I think.
> 
>> Is there a better and more secure way to do the python-within-python in
>> order allow users to automate your app?
> 
> More secure? Basically no. You could push the inner script into a
> separate process, but I would recommend simply acknowledging the
> insecurity. Embrace the lack of security and call it a debugging
> feature - make it possible to introspect, control, manipulate internal
> structures. Feature, not flaw. :)
> 
> ChrisA
> -- 
> https://mail.python.org/mailman/listinfo/python-list




More information about the Python-list mailing list