Simple Python Sandbox
Steven D'Aprano
steve at REMOVE-THIS-cybersource.com.au
Sat Aug 14 20:06:35 EDT 2010
On Sun, 15 Aug 2010 01:24:00 +0200, Roland Koebler wrote:
> I had the same problem, and so I created a "pseudo-sandbox" for
> embedding Python in templates. This "pseudo-sandbox" creates a
> restricted Python environment, where only whitelisted functions/classes
> are allowed. Additionally, it prevents things like '0 .__class__'.
Hmmm... is that meant just as an illustration of a general technique, or
do you actually have something against the class of 0? 0 .__class__ seems
pretty innocuous to me:
>>> type(0) is 0 .__class__ is int
True
[...]
> But note that this is not a real sandbox! As soon as you allow *any*
> unsafe function (e.g. open, import, eval, getattr etc.), you can easily
> break out.
Isn't that true of any sandbox though? Surely by definition, if you allow
an unsafe function in any sandbox, it's no longer an effective sandbox.
--
Steven
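
Added example, not part of the original message or of Roland Koebler's code: one way to implement the kind of whitelist check the quoted text describes, using Python's ast module to reject underscore-prefixed attributes such as 0 .__class__ and any name that is not whitelisted. ALLOWED_NAMES, BLOCKED_ATTRS, check_expr and safe_eval are names assumed for this example, and as the quoted text notes, this is a pseudo-sandbox, not a real one.

```python
import ast
import builtins

# Constructed whitelist for illustration; not taken from the post.
ALLOWED_NAMES = {"len", "str", "int", "min", "max", "sorted"}
# Format strings can name attributes inside a string constant, where the
# attribute check below cannot see them, so the methods are refused outright.
BLOCKED_ATTRS = {"format", "format_map"}


class TemplateExprError(ValueError):
    """Raised when an expression uses something outside the whitelist."""


def check_expr(source, variables=()):
    """Parse one expression, reject anything not whitelisted, return its code."""
    allowed = ALLOWED_NAMES | set(variables)
    tree = ast.parse(source, mode="eval")
    for node in ast.walk(tree):
        if isinstance(node, ast.Attribute):
            # Underscore-prefixed attributes (e.g. 0 .__class__) reach
            # object internals, so they are never allowed.
            if node.attr.startswith("_") or node.attr in BLOCKED_ATTRS:
                raise TemplateExprError("attribute %r not allowed" % node.attr)
        elif isinstance(node, ast.Name) and node.id not in allowed:
            # Every bare name must be whitelisted or a template variable;
            # this is what keeps open, eval, getattr and __import__ out.
            raise TemplateExprError("name %r not allowed" % node.id)
    return compile(tree, "<template>", "eval")


def safe_eval(source, variables):
    """Evaluate a checked expression with only the whitelisted builtins."""
    code = check_expr(source, variables)
    env = {"__builtins__": {}}  # no implicit builtins at all
    env.update({name: getattr(builtins, name) for name in ALLOWED_NAMES})
    env.update(variables)
    return eval(code, env)


if __name__ == "__main__":
    print(safe_eval("len(name) + 1", {"name": "abc"}))
    for expr in ("0 .__class__", "open('x')", "getattr(name, 'upper')"):
        try:
            check_expr(expr, ["name"])
        except TemplateExprError as exc:
            print("rejected:", expr, "->", exc)
```

Adding getattr or open to ALLOWED_NAMES makes the third and second sample expressions pass the check, which is the situation the quoted warning is about.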