Embedding Python in Python
Robey Holderith
robey at slash_dev_slash_random.org
Wed Aug 18 17:03:27 EDT 2004
On Wed, 18 Aug 2004 19:44:47 +0000, JCM wrote:
> Paul Rubin <http://phr.cx@nospam.invalid> wrote:
>> JCM <joshway_without_spam at myway.com> writes:
>>> If you're concerned about security, another possibility is to parse
>>> the user's code and look for anything potentially dangerous. You'll
>>> need to be aggressive, but I believe it's possible. For example,
>>> disallow exec statements, the identifier "eval", any identifier of
>>> __this__ form, import statements, etc. This is overly restrictive,
>>> but it will provide security.
>
>> By the time you're done with all that, you may as well design a new
>> restricted language and interpret just that.
>
>> Hint:
>> e = vars()['__builtins__'].eval
>> print e('2+2')
>
>> Even Java keeps getting new holes found, and Python is not anywhere
>> near Java when it comes to this kind of thing.
>
> I don't think it's as difficult as you think. Your snippet of code
> would be rejected by the rules I suggested. You'd also want to
> prohibit other builtins like compile, execfile, input, reload, vars,
> etc.
I'm going to have to agree with Paul on this one. I do not feel up to
the task of thinking of every possible variant of malicious code. There
are far too many ways of writing the exact same thing. I think it would
be much easier to write my own interpreter.
-Robey
More information about the Python-list
mailing list