Building a "safe" python?
Terry Reedy
tjreedy at udel.edu
Thu Mar 27 16:43:44 EDT 2008
<martin.nordstrom87 at gmail.com> wrote in message
news:4a2ade35-9624-4e26-ba47-984c72ea4f6a at y21g2000hsf.googlegroups.com...
| I'm making a game where you'll be able to make your own mods and I
| want to be able to write these mods in python. However, python has a
| lot of "dangerous" functions (like erase any file on the harddrive
| etc) so I want a "safe" python. I first found RExec but that is
| disabled in python 2.5 so I was thinking about building python from
| source with a few changes.
There are modable commercial games, such as CIV4 I believe, that use Python
as the scripting language for both the authors and modders. I presume they
use customized interpreters, without the open and file builtins and
process, socket, etc modules, and probably a customized import. But I have
never seen an article or report on exactly what changes there are.
There is also the question of what to about 'hang up' code like 'while
True: pass', but that is less a concern for a game run on home machines
than a web server. Anyone doing that could be blackballed from the mod
distribution site without having trashed anyone's system.
tjr
More information about the Python-list
mailing list