Sandboxing Python

Mark Lawrence breamoreboy at
Sun Aug 23 01:52:45 CEST 2015

On 23/08/2015 00:44, Chris Angelico wrote:
> On Sun, Aug 23, 2015 at 9:25 AM, Mark Lawrence <breamoreboy at> wrote:
>> I was always led to believe that the subject was a difficult thing to do,
>> but here is a safe solution in only 23 characters, or are there any
>> discernable flaws in it?
>
> I'm sorry, I can't see which solution you're talking about there -
> maybe I just don't know how to read reddit properly. Can you paste the
> proposed code please?
>
> The best I can see there is "use eval but with no builtins". That's
> fundamentally flawed because you don't need builtins to break stuff.
> All you need is a literal, from which you can snag everything else via
> its attributes.
>
> However, for this situation, I would be recommending ast.literal_eval,
> which *is* safe. It's a lot more powerful than "split it into number,
> operator, number" as mentioned at the end, but still can't majorly
> break anything.
>
> ChrisA

 >>> import os
 >>> eval("os.system('rm -rf /')", {"__builtins__":None})
Traceback (most recent call last):
   File "<pyshell#8>", line 1, in <module>
     eval("os.system('rm -rf /')", {"__builtins__":None})
   File "<string>", line 1, in <module>
TypeError: 'NoneType' object is not subscriptable

Surely I must have missed your meaning because I needed just 23 
characters and zero extra lines to create a safe sandbox for this, but 
you've said that the core developers have tried and failed to do this. 
It appears that I didn't just wipe out my entire filesystem and you've 
stated quite matter-of-factly that there is no safe solution... so what 
happened here? Why didn't my filesystem just get wiped out?

My fellow Pythonistas, ask not what our language can do for you, ask
what you can do for our language.

Mark Lawrence
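
The distinction drawn in the quoted reply, as an added example that is not part of the original thread: it compares `eval` with `{"__builtins__": None}` against `ast.literal_eval` on a few constructed inputs. The helper names (`restricted_eval`, `literal_only`, `outcome`) and the sample strings are assumptions made for illustration.

```python
import ast

def restricted_eval(expr):
    """The approach from the post: eval() with builtins replaced by None."""
    return eval(expr, {"__builtins__": None})

def literal_only(expr):
    """ast.literal_eval accepts literal syntax only and never runs code."""
    return ast.literal_eval(expr)

def outcome(func, expr):
    """Run func(expr); return ('ok', value) or ('rejected', exception name)."""
    try:
        return ("ok", func(expr))
    except Exception as exc:
        return ("rejected", type(exc).__name__)

# Constructed sample inputs, not taken from the thread.
SAMPLES = [
    # A plain literal: both evaluators accept it.
    "[1, 2, {'a': 3}]",
    # Needs a name lookup: fails under restricted eval only because the
    # name cannot be resolved, which is what the traceback above shows.
    "os.getcwd()",
    # No names at all: attribute access on a literal reaches `object`.
    "().__class__.__base__",
    # From `object`, every class loaded in the interpreter is reachable;
    # the expression only counts them.
    "().__class__.__base__.__subclasses__().__len__()",
]

if __name__ == "__main__":
    for expr in SAMPLES:
        print(expr)
        print("  eval, no builtins:", outcome(restricted_eval, expr))
        print("  ast.literal_eval :", outcome(literal_only, expr))
```

Removing builtins only blocks expressions that start from a name. `ast.literal_eval` rejects attribute access and calls at the syntax-tree level, so the last two inputs never execute.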
