Re: [Python-Dev] Some news from my sandbox project

Antoine Pitrou Sun, 19 Sep 2010 05:10:02 -0700

On Sun, 19 Sep 2010 12:19:44 +0200
Victor Stinner <[email protected]> wrote:
> Le dimanche 19 septembre 2010 01:05:45, Greg Ewing a écrit :
> > I don't follow. Trusted functions such as proxy() shouldn't
> > be sharing a __builtins__ dict with sandboxed code.
> > (...)
> > So give each program its own copy of __builtins__.
> 
> By "program" you mean a "process"? proxy() and untrusted functions are 
> executed in the same process and the same interpreter. Untrusted code calls 
> (indrectly) proxy(): should I create a new copy of __builtins__ for each 
> frame? I don't know how to do that in Python (without modify the Python 
> interpreter) and I suppose that it will make Python slower.


>>> def f(): return oct
... 
>>> f()
<built-in function oct>
>>> import types
>>> m = types.ModuleType("my builtins")
>>> m.__dict__.update(__builtins__.__dict__)
>>> m.oct = 3
>>> f.__globals__['__builtins__'] = m
>>> f()
3


Regards

Antoine.


_______________________________________________
Python-Dev mailing list
[email protected]
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Some news from my sandbox project

Reply via email to