Creating a reliable sandboxed Python environment

Paul Rubin no.email at nospam.invalid
Sat May 30 18:36:56 EDT 2015


Chris Angelico <rosuav at gmail.com> writes:
> Turing completeness isn't the whole story. How do you go about
> sandboxing a Brainf* implementation such that it can be used to
> implement Python, but can't be used to read or arbitrary files from
> your file system?

We're talking about sandboxing, so preventing the sandboxed Python
interpreter written in embedded BF from accessing arbitrary files is the
whole point.  If you want to let a sandboxed program access a file, you
create some kind of managed handle outside the interpreter, and pass
that into the interpreter so the interpreted program can make a
constrained set of calls on it.  That's how Java applets work and it's
basically the opposite of Python's "consenting adults" approach which is
to let everything access everything.
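
The managed-handle pattern described above, as an added example that is not part of the original post: a small BF interpreter whose only input channel is a host-created, read-only, byte-capped handle, so the guest has no way to name or open a file. `ReadHandle`, `run_bf`, `demo` and the byte and step budgets are hypothetical names and assumptions chosen for illustration.

```python
import io

class ReadHandle:
    """Host-side managed handle (hypothetical name): read-only, capped at max_bytes."""
    def __init__(self, stream, max_bytes):
        self._stream, self._left = stream, max_bytes

    def read_byte(self):
        # The only host call the guest can trigger; 0 means EOF or budget spent.
        data = self._stream.read(1) if self._left > 0 else b""
        if not data:
            return 0
        self._left -= 1
        return data[0]

def run_bf(program, handle, max_steps=100_000):
    """Interpret BF: ',' reads via the handle, '.' appends to the returned bytes."""
    stack, jump = [], {}
    for i, c in enumerate(program):  # pre-match brackets
        if c == "[":
            stack.append(i)
        elif c == "]":
            if not stack:
                raise ValueError("unbalanced ]")
            j = stack.pop()
            jump[i], jump[j] = j, i
    if stack:
        raise ValueError("unbalanced [")
    tape, ptr, pc, steps, out = bytearray(30000), 0, 0, 0, bytearray()
    while pc < len(program):
        steps += 1
        if steps > max_steps:  # the guest cannot hang the host
            raise RuntimeError("step budget exceeded")
        c = program[pc]
        if c in "<>":
            ptr = (ptr + (1 if c == ">" else -1)) % len(tape)
        elif c in "+-":
            tape[ptr] = (tape[ptr] + (1 if c == "+" else -1)) % 256
        elif c == ",":
            tape[ptr] = handle.read_byte()
        elif c == ".":
            out.append(tape[ptr])
        elif (c == "[" and tape[ptr] == 0) or (c == "]" and tape[ptr] != 0):
            pc = jump[pc]
        pc += 1
    return bytes(out)

def demo():
    # Constructed sample: host grants the guest "cat" program 5 bytes of one stream.
    return run_bf(",[.,]", ReadHandle(io.BytesIO(b"hello world"), max_bytes=5))
```

The guest language has no instruction that takes a path, so the host's choice of stream and budget is the entire file-access policy.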


