Restricted Access
Maric Michaud
maric at aristote.info
Wed Jul 12 02:50:01 EDT 2006
Le mercredi 12 juillet 2006 08:17, iapain a écrit :
>
> I'm having currently working on OS/2 and Linux platform, I've designed
> a web based ide for python and i wish to restrict some commands
There is a restricted environment in Zope for TTW python scripts and
ZPT/DTML .
These scripts are run in the Zope process in a very restricted environment
which forbid the use of most builtins and allow the import of a limited list
of modules.
Why don't use the RestrictedPython module from Zope (2.8 and up) and adapt it
a bit. It seems loose coupled to the Zope internals (except for the
multimapping class which is an extension class, but I doubt it's really a
problem). It shouldn't be a too hard.
You'll need to make your own AccessControl/ZopeGuards.py-like module, and
probably subclass the RestrictionMutator to enable/disable certain
functionnality (interdiction of names beginning by '_' for example is hard
coded).
At last, you will get a simple example of the usage of the whole beast from
your own interpreter in Products/PythonScripts.
> and
> user can only access i.e rwx in his folder.
>
This should be possible by providing a wrapper function for file and open (see
the Guards.py module).
IMO, it worth to be tried, and I don't see any other short-term, less hacky,
solution.
regards,
--
_____________
Maric Michaud
_____________
Aristote - www.aristote.info
3 place des tapis
69004 Lyon
Tel: +33 426 880 097
More information about the Python-list
mailing list