Safe Python (Was Re: The '.' at the head of the default sys.path)
Michael McLay (email@example.com)
Wed, 15 Jun 94 15:34:09 EDT
"Steven D. Majewski" writes:
> I'm not picky about which is which, and maybe someone
> can suggest a better convention ( maybe it makes more
> sense for the colon to go at the end for prepending ? )
> but I agree the the current conventions don't make for
> very secure scripts. However, most of my use is
> interactive, which is why I like the current defaults
> as long as there is a way to MAKE a secure script.
> Right now, the only method is to use my 'ImportFrom'
> hack to give an explicit pathname for import. ( Which,
> come to think of it, is probably the best way to do
> it anyway, but the above proposal would be a pretty
> minimal change. )
Would you please elaborate on the 'ImportFrom' hack. I am looking for
a way to set a "safe-script" mode from within a Python script. The
application requires Python to be embedded in a client program with a
safe mode for executing programs downloaded from an untrusted server
and with a standard mode that the client can use for client side
control. The intention is to allow a server to use a client as a
surrogate execution environment without compromising the client's
local operating environment.
The safe mode should turn off functions defined to interact with the
operating system, such as the open() function and it should prevent
imports from being called unless they are found in a safe path.