Running scripts in a sandbox
Diez B. Roggisch
deets at nospam.web.de
Tue Oct 3 18:59:04 EDT 2006
Samuel schrieb:
> Hi,
>
> I currently have two files:
>
> core.py
> Runs the application, provides APIs to plugins
>
> untrusted-plugin.py
> Executes code using the API from core.py
>
> I would like to run the code of untrusted-plugin.py in a sandbox, but
> still provide it with some hooks to the core API.
> My environment does not allow me to apply any changes OS-wise (standard
> web hoster), so I have no way to run the plugin in another process.
>
> I found a reference to rexec using Google, but apparently it was
> removed due to security issues in Python 2.3. Is there antoher way to
> do this?
ZOPE has some restriced execution environment - maybe you can borrow it.
But it is very restrictive I believe, and generally speaking python
isn't equipped to support fine coarsed resource control. Maybe at some
point PyPy might help there, but that certainly will take a while and
isn't standard webhoster stuff either.
diez
More information about the Python-list
mailing list