Just wondering.. has anyone out there wrote a python interpreter *in* python that has security/sandbox functionality/hooks? Then it could offer the option (as another user selectable security level) of "secure but slow", which might be adequate for simple or non-intensively called scripts. Since it would be a python script itself, it would/should be portable across the underlying implementation.
Depending on the features of such a hypothetical library/module, if the parsed expression tree can be checked and determined to be simple (i.e. no field assignments, no arbitrary function calls, etc..) and known safe, it could be then be directly eval'd by the real python and not just emulated. Essentially a variation of one of the ideas previously mentioned in this thread. -Chad _______________________________________________ Bf-committers mailing list [email protected] http://lists.blender.org/mailman/listinfo/bf-committers
