limited python virtual machine (WAS: Another scripting language implemented into Python itself?)
Steven Bethard
steven.bethard at gmail.com
Tue Jan 25 15:24:03 EST 2005
Michael Spencer wrote:
> Safe eval recipe posted to cookbook:
> http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/364469
This recipe only evaluates constant expressions:
"Description:
Evaluate constant expressions, including list, dict and tuple using the
abstract syntax tree created by compiler.parse"
It means you can't eval arbitrary Python code -- it's basically just a
data parser. Handy in some situations, but not the equivalent of a
limited Python virtual machine.
> Likewise, function calls are easily intercepted
I'm not sure I follow this... How do you intend to intercept all
function calls?
> As you say, attribute access to core functions appears to present the
> challenge. It is easy to intercept attribute access, harder to know
> what's safe. If there were a known set of 'dangerous' objects e.g.,
> sys, file, os etc... then these could be checked by identity against any
> attribute returned
It sounds like you're suggesting overriding the global attribute access
mechanism. Is that right? So that every time Python encountered an
attribute access, you would verify that the attribute being accessed is
not on the 'dangerous' list? I don't know how to do that without
basically rewriting some of Python's C code, though certainly I'm no
expert in the area...
Also, I'm not sure identity is sufficient:
py> import sys
py> import new
py> new.module('newsys')
py> newsys = new.module('newsys')
py> newsys.__dict__.update(sys.__dict__)
py> newsys is sys
False
py> newsys == sys
False
Steve
More information about the Python-list
mailing list