rexec question
Ralf Doering
ralf.doering at prakinf.tu-ilmenau.de
Mon Aug 9 06:43:40 EDT 1999
Jeremy Hylton <jeremy at cnri.reston.va.us> writes:
[...]
THX again for the response. It does help me to understand what
happens, but I need a little bit more help to solve my problem.
> I should have answered this question from the outset. The restricted
> execution environment is definitely more interesting when there are
> objects defined in the controlling environment that are all accessible
> in the restricted environment.
>
> There is no direct way to add a name binding to the restricted
> execution environment. You need to modify one of the modules that
> exists in rexec, typically its __main__.
>
> Here's a simple approach that would work:
>
> class RExecEx(rexec.RExec):
> """Adds method for setting attribute in rexec environment"""
> def setattr(self, name, value, bastion=1):
> if bastion:
> value = Bastion.Bastion(value)
> setattr(self.modules['__main__'], name, value)
>
> In most cases, you want to pass a Bastion to the untrusted code rather
> than passing the object directly. The howto and the Bastion module
> documentation explain this.
OK, I made an "setattr" enhanced version of rexec like suggested.
To illustrate what I do not understand until now:
>>> class t:
... def t1(self):
... print "open is:", open
...
>>> r = RExecEx()
>>> r.r_exec("""print "open is", open""")
open is <method RExec.r_open of RExecEx instance at 1fa7e8>
>>> o = t()
>>> r.setattr("o",o)
>>> r.r_exec("o.t1()")
open is: <built-in function open>
The problem to import from the controlling environment to the
restricted environment is solved. However, the restricted execution of
the code of the "imported" object does not work like expected.
The call to o.t1() uses the builtin open function instead of r_open.
Please, can somebody enlighten me ...
Again, the problem is: I have got an object, which is unpickled from a
bytestream. A specific method of this object should be called and the
code should be executed in an restricted environment.
Ralf
--
No sig -- no fun
More information about the Python-list
mailing list