--- andrew baker <[EMAIL PROTECTED]> wrote:
> Howdy, > > I've been pondering alternative methods to allowing > unknown persons to > submit game code in my game engine, e.g. player > created levels, characters, > monsters and items, but of course sandboxing Python > code is nontrivial. > I've hit upon using a Scheme interpreter in Python > to potentially solve this > problem, with a possible variation on parsing to > make the Scheme code appear > more Pythonic. Has anyone had similar success or > failure or a better > understanding of Scheme than me who explain why this > is A) awesome or B) teh > suck. > > And, yes, I know how daft it may seem to embed > another interpreted language > inside an interpreted language, but I'm expecting > rather small Scheme > patterns, and Python in its current state simply > cannot be sandboxed, and I > think I might actually hate C++. :D > > Thanks, > > -- > Andrew Ulysses Baker > "failrate" > Had the exact same problem. You (should) be able to base a safe Python sub-interpreter off of this code: http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/496746 When I tested it a little bit(haven't actually implemented in my project) I found that I had to disable one of the asserts to make it work as an imported module; and I didn't actually execute the eval with the time-out thread after it ran the tests, but instead flagged the code as safe. This means that I've left it open to crash programs, but in theory it should otherwise be safe and perform about as well as my main code. __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
