On 7/14/06, Guido van Rossum <[EMAIL PROTECTED]> wrote:
I have a use case for sandboxing. I am already having to plan to have a mini-sys module in a sandbox so that they cannot get access to dangerous things.
-Brett
Whoa, whoa. What's the *problem* we're trying to solve here?
I have a use case for sandboxing. I am already having to plan to have a mini-sys module in a sandbox so that they cannot get access to dangerous things.
-Brett
On 7/14/06, Nick Coghlan < [EMAIL PROTECTED]> wrote:
> Greg Ewing wrote:
> > Maybe sys needs to be split into two modules, with
> > the non-sensitive one pre-imported (so that the
> > importless interpreter you suggest wouldn't be
> > unnecessarily crippled).
>
> Maybe not splitting it, but providing a read-only mechanism of getting at
> certain elements, with "import sys" still being the way of *modifying* any of
> these things.
>
> Relatively safe items (could be provided as attributes and methods of a
> read-only class instance in builtins instead of as a module):
>
> argv (as a tuple instead of a list)
> byteorder
> maxint
> maxunicode
> builtin_module_names
> copyright
> exc_info()
> exec_prefix
> executable
> exit([arg])
> getdefaultencoding()
> getfilesystemencoding()
> getwindowsversion()
> hexversion
> platform
> prefix
> stdin
> stdout
> stderr
> version
> version_info
> winver
>
>
> Arguably privileged information (no real reason for non-privileged code to
> know this stuff):
> subversion
> getcheckinterval()
> getdlopenflags()
> dllhandle
> _current_frames()
> getrefcount(object)
> getrecursionlimit()
> _getframe([depth])
> __displayhook__
> __excepthook__
> __stdin__
> __stdout__
> __stderr__
> api_version
> warnoptions
> tracebacklimit
> displayhook(value)
> excepthook(type, value, traceback)
> ps1
> ps2
>
>
> Definitely privileged operations:
> Actually *setting* any of the above to something different
> modules
> path
> exc_clear()
> setcheckinterval(interval)
> setdefaultencoding(name)
> setdlopenflags(n)
> setprofile(profilefunc)
> setrecursionlimit(limit)
> settrace(tracefunc)
> settscdump(on_flag)
>
> Cheers,
> Nick.
>
> --
> Nick Coghlan | [EMAIL PROTECTED] | Brisbane, Australia
> ---------------------------------------------------------------
> http://www.boredomandlaziness.org
> _______________________________________________
> Python-Dev mailing list
> Python-Dev@python.org
> http://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe: http://mail.python.org/mailman/options/python-dev/guido%40python.org
>
--
--Guido van Rossum (home page: http://www.python.org/~guido/)
_______________________________________________
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: http://mail.python.org/mailman/options/python-dev/brett%40python.org
_______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
