[Python-checkins] r51880 - in python/branches/bcannon-objcap: Lib/test/test_interpreter.py Modules/interpretermodule.c securing_python.txt
brett.cannon
python-checkins at python.org
Thu Sep 14 22:54:08 CEST 2006
Author: brett.cannon
Date: Thu Sep 14 22:54:07 2006
New Revision: 51880
Modified:
python/branches/bcannon-objcap/Lib/test/test_interpreter.py
python/branches/bcannon-objcap/Modules/interpretermodule.c
python/branches/bcannon-objcap/securing_python.txt
Log:
Add access to the 'sys' module's data dict.
Modified: python/branches/bcannon-objcap/Lib/test/test_interpreter.py
==============================================================================
--- python/branches/bcannon-objcap/Lib/test/test_interpreter.py (original)
+++ python/branches/bcannon-objcap/Lib/test/test_interpreter.py Thu Sep 14 22:54:07 2006
@@ -1,5 +1,3 @@
-"""XXX
-"""
import interpreter
import unittest
@@ -13,6 +11,14 @@
break
"""
+test_sys_changed = """
+import sys
+if sys.version == 'test':
+ to_return.append(True)
+else:
+ to_return.append(False)
+"""
+
class BaseInterpTests(unittest.TestCase):
def setUp(self):
@@ -98,11 +104,50 @@
self.failUnless(self.interp.modules['token'] is not token)
+class SysDictTests(BaseInterpTests):
+
+ """Test interpreter.Interpreter().sys_dict ."""
+
+ def test_get(self):
+ # Make sure a dict is returned.
+ sys_dict = self.interp.sys_dict
+ self.failUnless(isinstance(sys_dict, dict))
+ self.failUnless('version' in sys_dict)
+
+ def test_set(self):
+ # Make sure sys_dict can be set to a new dict.
+ sys_dict_copy = self.interp.sys_dict.copy()
+ self.interp.sys_dict = sys_dict_copy
+ self.failUnlessRaises(TypeError, setattr, self.interp, 'sys_dict', [])
+
+ def test_effect(self):
+ # Changes to the dict should be reflected in the interpreter.
+ sys_dict = self.interp.sys_dict
+ sys_dict['version'] = 'test'
+ interp_return = []
+ self.interp.builtins['to_return'] = interp_return
+ self.interp.execute(test_sys_changed)
+ self.failUnless(interp_return[0])
+
+ def test_copied(self):
+ # sys_dict should be unique per interpreter (including mutable data
+ # structures).
+ sys_dict = self.interp.sys_dict
+ sys_dict['version'] = 'test'
+ self.failUnless(sys.version != 'test')
+ # XXX check mutable data structures
+ sys_dict.setdefault('argv', []).append('test')
+ self.failUnless(sys.argv[-1] != 'test')
+ sys_dict['path'].append('test')
+ self.failUnless(sys.path[-1] != 'test')
+
+
def test_main():
test_support.run_unittest(
BasicInterpreterTests,
BuiltinsTests,
ModulesTests,
+ SysDictTests,
)
Modified: python/branches/bcannon-objcap/Modules/interpretermodule.c
==============================================================================
--- python/branches/bcannon-objcap/Modules/interpretermodule.c (original)
+++ python/branches/bcannon-objcap/Modules/interpretermodule.c Thu Sep 14 22:54:07 2006
@@ -133,7 +133,7 @@
}
Py_INCREF(arg);
- Py_XDECREF(old_builtins);
+ Py_DECREF(old_builtins);
PyInterpreter_GET_INTERP(self)->builtins = arg;
return 0;
@@ -166,17 +166,51 @@
}
Py_INCREF(arg);
- Py_XDECREF(old_modules);
+ Py_DECREF(old_modules);
PyInterpreter_GET_INTERP(self)->modules = arg;
return 0;
}
+/*
+ Getter for 'sys_dict'.
+*/
+static PyObject *
+interpreter_get_sys_dict(PyObject *self, void *optional)
+{
+ PyObject *sys_dict = PyInterpreter_GET_INTERP(self)->sysdict;
+
+ Py_INCREF(sys_dict);
+ return sys_dict;
+}
+
+/*
+ Setter for 'sys_dict'.
+*/
+static int
+interpreter_set_sys_dict(PyObject *self, PyObject *arg, void *optional)
+{
+ PyObject *old_sys_dict = PyInterpreter_GET_INTERP(self)->sysdict;
+
+ if (!PyDict_Check(arg)) {
+ PyErr_SetString(PyExc_TypeError,
+ "'sys_dict' must be set to a dict");
+ return -1;
+ }
+
+ Py_INCREF(arg);
+ Py_DECREF(old_sys_dict);
+ PyInterpreter_GET_INTERP(self)->sysdict = arg;
+
+ return 0;
+}
+
static PyGetSetDef interpreter_getset[] = {
{"builtins", interpreter_get_builtins, interpreter_set_builtins,
"The built-ins dict for the interpreter.", NULL},
- /*{"sys_dict", XXX, XXX, "The modules dict for 'sys'.", NULL},*/
+ {"sys_dict", interpreter_get_sys_dict, interpreter_set_sys_dict,
+ "The modules dict for 'sys'.", NULL},
{"modules", interpreter_get_modules, interpreter_set_modules,
"The dict used for sys.modules.", NULL},
{NULL}
Modified: python/branches/bcannon-objcap/securing_python.txt
==============================================================================
--- python/branches/bcannon-objcap/securing_python.txt (original)
+++ python/branches/bcannon-objcap/securing_python.txt Thu Sep 14 22:54:07 2006
@@ -31,8 +31,8 @@
+ Prevents opening unauthorized files.
+ Prevents using as a way to probe filesystem.
- exit()
- * XXX verify that raising SystemExit in a sub-interpreter only
- exits that sub-interpreter and not the process. <critical>
+ * Have SystemExit exit the process only if no other
+ interpreters are running. <critical>
+ Filesystem path hiding (`Filesystem Information`_) <critical?>
+ Tweaked stdlib modules
- mini 'sys' module (`Making the ``sys`` Module Safe`_)
@@ -42,9 +42,9 @@
interrupt_main() not per-interpreter, and stack_size() can be
dangerous)
+ Create sandboxed interpreter stdlib module <critical>
- - Be able to specify built-ins
- - Set 'sys' module settings
- - Set 'sys.modules'
+ - Be able to specify built-ins [done]
+ - Set 'sys' module settings [done]
+ - Set 'sys.modules' [done]
- API
* Python
* C
More information about the Python-checkins
mailing list