"Safe" Embedded Python
Chris Liechti
cliechti at gmx.net
Tue Jan 1 19:45:52 EST 2002
Gerhard Häring <gh_pythonlist at gmx.de> wrote in
news:mailman.1009917181.18293.python-list at python.org:
> Le 01/01/02 à 12:16, Hervey Wilson écrivit:
>> I am contemplating embedding Python in my application in order to
>> support end-user scripting. Having done some initial investigation, I
>> am happy with the functionality that I can expose but now I find
>> myself concerned with safety / security, specifically I want to limit
>> scripting activities to the core language features and the object
>> model that my application exposes. Put another way, I don't want the
>> scripts to be able to read / write to the hard-disk, open sockets and
>> so on.
>>
>> Can anyone provide some tips / links on the viability of doing this
>> and any implementation examples ?
>
> I've never done this myself, but I can give a few tips:
>
> The rexec module might offer most of what you need.
yes with rexec and bastion you can control what modules and classes are
available to the client.
you can write a open and import filter and let pass the files/modules you
want and block on others.
bastion protects your classes you want to expose to the client (e.g. real
private attributes).
> You'll need to restrict the modules users can import and remove some
> builtins, like with:
>
> del __builtins__.__dict__['open']
there is only one __builtins__ and when you remove the open function not
even the server can write files... better use rexec, its simpler and saver.
> The rexec module probably already offers this, I haven't checked.
>
> In the PostgreSQL source tree (http://www.postgresql.org/) you can find
> plpython, a module for implementing server-side Python procedures for
> the PostgreSQL database. I have seen it restricts the modules you can
> load.
>
> Gerhard
--
Chris <cliechti at gmx.net>
More information about the Python-list
mailing list