On 24 March 2010 21:01, Victor Stinner <[email protected]> wrote:
> FYI I wrote a new sandbox project for CPython:
>
> http://github.com/haypo/pysandbox/
>
> It's currently very specific to CPython: it uses evil tricks to create a read
> only view of the __builtins__ super global dictionary.
>
> It's completly different to the PyPy sandbox: if you escape from the sandbox,
> you get a full access to all Python functions.
>
> A long description:
> http://mail.python.org/pipermail/python-dev/2010-February/097701.html
I didn't dive too deeply into the source, but what is to stop one from asking:
[o for o in (1).__class__.__bases__[0].__subclasses__() if o.__name__
== 'file'][0]('/etc/passwd').read()
?
--
William Leslie
_______________________________________________
[email protected]
http://codespeak.net/mailman/listinfo/pypy-dev
