Simple Python Sandbox

Stephen Hansen me+list/python at ixokai.io
Sat Aug 14 22:43:13 EDT 2010


On 8/14/10 5:06 PM, Steven D'Aprano wrote:
> On Sun, 15 Aug 2010 01:24:00 +0200, Roland Koebler wrote:
> 
>> I had the same problem, and so I created a "pseudo-sandbox" for
>> embedding Python in templates. This "pseudo-sandbox" creates a
>> restricted Python environment, where only whitelisted functions/classes
>> are allowed. Additionally, it prevents things like '0 .__class__'.
> 
> Hmmm... is that meant just as an illustration of a general technique, or 
> do you actually have something against the class of 0? 0 .__class__ seems 
> pretty innocuous to me:
> 
> >>> type(0) is 0 .__class__ is int
> True

Assuming you have a totally restricted environment, where none of the
normal built-ins are available-- notably "type"-- in theory I thought
once that you could exec pretty safely. Because there's just no access
to anything!

But, alas, someone showed me I was wrong. 0 .__class__ can lead you to
"type".

And type.__subclasses__ happily leads you to everything in the world.

I solve this by just refusing to allow getattr, and __ anywhere in the
file to be saved just gets turned into xx, so it's impossible (I think)
for users to access or use any special method.

-- 

   Stephen Hansen
   ... Also: Ixokai
   ... Mail: me+list/python (AT) ixokai (DOT) io
   ... Blog: http://meh.ixokai.io/
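
Added example, not part of the original post and not the poster's code: the filter described above (refuse getattr, turn every __ into xx) written out in Python, next to an AST-based check that reports the same names without rewriting the source. The function names and the SAMPLE expression are constructed for illustration; SAMPLE is the post's 0 .__class__ taken one step further to reach type.

```python
import ast

# Constructed sample: the post's expression, extended one step to reach "type".
SAMPLE = "t = 0 .__class__.__class__"

def sanitize(source):
    """Textual filter as described in the post: no getattr, '__' becomes 'xx'."""
    if "getattr" in source:
        raise ValueError("getattr is not allowed")
    return source.replace("__", "xx")

def dunder_refs(source):
    """Parse instead of rewriting: return (line, name) for every attribute or
    bare name that contains '__' or is getattr. String literals are ignored."""
    hits = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Attribute):
            name = node.attr
        elif isinstance(node, ast.Name):
            name = node.id
        else:
            continue
        if "__" in name or name == "getattr":
            hits.append((node.lineno, name))
    return sorted(hits)

def run(source, filtered=True):
    """exec the source with an empty __builtins__ and return the names it bound."""
    env = {"__builtins__": {}}
    exec(sanitize(source) if filtered else source, env)
    del env["__builtins__"]
    return env

if __name__ == "__main__":
    # Empty builtins alone: the name "type" is gone, the object is still reachable.
    print("unfiltered:", run(SAMPLE, filtered=False)["t"])
    # With the filter, the attribute name no longer exists on int.
    try:
        run(SAMPLE)
    except AttributeError as exc:
        print("filtered:", exc)
    print("AST check:", dunder_refs(SAMPLE))
```

The textual filter also rewrites __ inside string literals and comments, which the AST check leaves alone.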
