Will nested scoping break restricted execution ??

Martin von Loewis loewis at informatik.hu-berlin.de
Sat Feb 3 06:34:16 EST 2001


"Tim Peters" <tim.one at home.com> writes:

> [rturpin at my-deja.com]
> > I thought that the restricted execution module functioned
> > partly by controlling the builtin, local, and global
> > namespaces.
> 
> Right.

Actually wrong, I think. It does not control local and global
namespaces. Instead, it controls what names you can get from
elsewhere.

I.e. you can't prohibit a program doing

  socket = 1

but you can prevent it from doing

  import socket

although either code creates a socket variable, from a local and
global namespace point of view. Likewise, you can prevent the code
from doing

  import socket as string

even if importing "string" is allowed, as long as importing "socket" is not.

> My offhand *opinion* is that it's darned hard to see any way in
> which it could hurt at all: there's nothing you can do with nested
> functions that you couldn't do before with classes and instance
> data.

Exactly. Furthermore, with the current code, rexec operates on a
per-module basis: r_exec, r_execfile etc always take an entire module
code, and execute it restrictedly (which sometimes means that they
create a new __main__ to do so). So there never is a need to prevent
restricted code from accessing its global variables.

I believe there isn't a way to prevent restricted code from accessing
a specific __builtin__, either - instead, you have to provide
alternative or missing versions of the builtins in advance.

Regards,
Martin
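
Added example, not part of the original message: a Python 3 sketch of the mechanism described above, in which restricted code keeps full control of its own namespace while imports and builtins are filtered. The rexec module was later removed from Python, so this emulates the idea with a substitute `__import__`; the names `ALLOWED_MODULES`, `make_restricted_builtins` and `run_restricted` and the allow-list contents are assumptions made for the illustration.

```python
import builtins

ALLOWED_MODULES = {"string", "math"}   # constructed allow-list (assumption)

def make_restricted_builtins(allowed=frozenset(ALLOWED_MODULES)):
    """Build the builtins the restricted code will see, decided in advance."""
    real_import = builtins.__import__

    def r_import(name, globals=None, locals=None, fromlist=(), level=0):
        # The check is on the module being fetched, not on the variable
        # name it ends up bound to ("import socket as string" asks for socket).
        top = name.partition(".")[0]
        if level != 0 or top not in allowed:
            raise ImportError(f"restricted import of {name!r} refused")
        return real_import(name, globals, locals, fromlist, level)

    # Builtins cannot be revoked later; anything left out here is simply missing.
    return {"len": len, "str": str, "__import__": r_import}

def run_restricted(source):
    """Run source as a fresh __main__-style module; return (namespace, error)."""
    ns = {"__name__": "__main__", "__builtins__": make_restricted_builtins()}
    try:
        exec(compile(source, "<restricted>", "exec"), ns)
    except Exception as exc:
        return ns, exc
    return ns, None

# Illustrates name filtering only; replacing builtins this way is not a
# security boundary in CPython.
if __name__ == "__main__":
    for src in ("socket = 1", "import socket", "import socket as string",
                "import string", "open('x')"):
        ns, err = run_restricted(src)
        print(f"{src!r:28} -> {type(err).__name__ if err else 'ok'}")
```
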


