Re: Sandboxing eval() (was: Calculator)

2020-01-27 Thread Musbur
Thanks, Chris (and others), for the comprehensive answer (as usual). I got interesting insights into Python's inner workings. Of course, when everything is an object, everything has parents and other relatives, so by traversing that tree in the right way one can make one's way all the way to

Re: Sandboxing eval() (was: Calculator)

2020-01-20 Thread Chris Angelico
On Tue, Jan 21, 2020 at 4:59 PM wrote: > > On Mon, 20 Jan 2020 06:43:41 +1100 > Chris Angelico wrote: > > > On Mon, Jan 20, 2020 at 4:43 AM wrote: > > > It works, but is it safe? > > > > As such? No. > > That's what many people have said, and I believe them. But just from a > point of technical

Re: Sandboxing eval() (was: Calculator)

2020-01-20 Thread musbur
On Mon, 20 Jan 2020 06:43:41 +1100 Chris Angelico wrote: > On Mon, Jan 20, 2020 at 4:43 AM wrote: > > It works, but is it safe? > > As such? No. That's what many people have said, and I believe them. But just from a point of technical understanding: If I start with empty global and local

Re: Sandboxing eval() (was: Calculator)

2020-01-20 Thread Stephan Lukits
> On 19. Jan 2020, at 19:35, mus...@posteo.org wrote: > > Is it actually possible to build a "sandbox" around eval, permitting it > only to do some arithmetic and use some math functions, but no > filesystem access or module imports? > > I have an application that loads calculation recipes (a

Re: Sandboxing eval() (was: Calculator)

2020-01-19 Thread Grant Edwards
On 2020-01-19, Jon Ribbens via Python-list wrote: > On 2020-01-19, mus...@posteo.org wrote: >> Is it actually possible to build a "sandbox" around eval [...] >> >> [...] >> >> It works, but is it safe? > > No, not even slightly. If you want to do this you need to write your > own interpreter

Re: Sandboxing eval() (was: Calculator)

2020-01-19 Thread Chris Angelico
On Mon, Jan 20, 2020 at 4:43 AM wrote: > > Is it actually possible to build a "sandbox" around eval, permitting it > only to do some arithmetic and use some math functions, but no > filesystem access or module imports? > > I have an application that loads calculation recipes (a few lines of >

Re: Sandboxing eval() (was: Calculator)

2020-01-19 Thread Jon Ribbens via Python-list
On 2020-01-19, mus...@posteo.org wrote: > Is it actually possible to build a "sandbox" around eval, permitting it > only to do some arithmetic and use some math functions, but no > filesystem access or module imports? > > I have an application that loads calculation recipes (a few lines of >

Re: Sandboxing eval() (was: Calculator)

2020-01-19 Thread Paul Moore
On Sun, 19 Jan 2020 at 17:45, wrote: > > Is it actually possible to build a "sandbox" around eval, permitting it > only to do some arithmetic and use some math functions, but no > filesystem access or module imports? No. This has been tried before, and it simply isn't safe in the face of