import question

[lucas]

ok.  all good advice.  thank you for that.  and with all that I've decided what to do.

I'm going to close off any server-side python access so that I don't expose my server or the file system to vulnerabilities and/or wonton attacks.  I am building a site for education and what I will configure is allow students to setup and save their projects on the server but only direct them to program in client-side Brython, which is a javascript translation of python for browsers, hence "Brython" or "browser python".  my server will provide the javascript files for Brython and its standard libraries and any processing of the student's projects will be directly on the client-side.  this way there is no access to the server or cpu or memory management problems.  the server will simply server html and Brython-based text, i.e., static pages, to the client browser and the browser will process and interact with the Brython directly.  

overall, the server will stay secure and the students can learn python through Brython.  sound, right?  Lucas