Laszlo Nagy wrote: > Once upon a time, there has been a module called "bastillon" (am I > right?) and "rexec" (restricted execution environment) but they were not > really secure. It was a long time ago. Python is very flexible, and > interpreted and it is hard to prevent the users from importing modules.
Indeed. I think Zope's security proxies solve a lot of the problem as they are a C extension to python and so can't be circumvented ;-) > They can do nasty things. For example, open a file and eval() it etc. Yes, there are plenty of builtins that need to be blocked out and plenty of things that need to be blocked from being imported, but I know it is possible ;-) (see Zope's "Script (Python)" objects, I'm just hoping for a cleaner, simpler solution...) cheers, Chris -- Simplistix - Content Management, Zope & Python Consulting - http://www.simplistix.co.uk -- http://mail.python.org/mailman/listinfo/python-list