Replacing open builtin
Peter Hansen
peter at engcorp.com
Wed May 11 10:07:56 EDT 2005
rmm at iname.com wrote:
> I had a quick look at the python source code and fileobject.c is one of
> the core classes which, I would imagine, is why a reference can be
> obtained. The other classes (method, dictionaries etc) don't look so
> much of a liability. I'll maybe try disabling the fopen calls in
> fileobject and see if it breaks anything (I've no need to open/close
> files using the standard libraries).
>
> Are there any other holes you can think of in the following scenario-
> I disable all builtins except import which I protect in my 'Isolate'
> class, I then only allow import to import a single module name.
You *really* ought to be checking the list archives for the *many* past
discussions of this, and the many ways in which it is nowhere near as
easy as you seem to think it might be, as well as for the variety of
partially completed efforts -- some of which closely resemble your
approach -- which have been abandoned after it was demonstrated how the
could not work.
On the other hand, after reading all that, you just might be the one to
come up with the solution that combines just enough of each approach to
solve the problem once and for all, and the community would be very
grateful to you.
But I doubt you'll solve this by asking Jp to review (and, inevitably,
shoot down) each idea you come up with. Give him a break until you've
read some of the archived material on this. :-)
-Peter
More information about the Python-list
mailing list