security
Bruno Desthuilliers
bdesth.quelquechose at free.quelquepart.fr
Tue Oct 25 16:59:34 EDT 2005
Mattia Adami a écrit :
> Hi to all.
> I'm intristing in write a plugin for browsers that can execute python
> code.
> I know the main problem is security. Many thread were opened about this
> in the ng.
> I would know if fork python rewriting some library could avoid
> problems. I.e. one problem is the possibility to access files. If I
> rewrite the open() function so that raises exception if the program try
> to access a file out of a defined directory.
> I'm sure not a security expert, so please be patient if my question is
> stupid.
> Thanks to all.
I'm not a security expert either, but you may want to have a look at the
way Zope 2.x handles this kind of restrictions for TTW scripts.
More information about the Python-list
mailing list