Greetings everyone, I've found this list an invaluable resource just by browsing past conversations, however I was hoping to get a little advice and direction with a question that I haven't really seen covered. (lately) I'm trying to integrate IronPython into a live gaming server, which means opening it up to people beyond my immediate circle of retribution should they do something unpleasant.
What I'm looking for is some advice as to how to tighten the scope of a module so that only the exposed hooks of my API are available. What I mean to say is, those API hooks are already visible, what bothers me is that I can type a couple of import statements into a script and do things like inspect the file system and manipulate those files, etc. After poking at the source I did something really inelegant, I made it so the parser did not recognize the import keyword, but I can't help but think there has to be a better way (as well as unseen consequences I haven't run into yet). I could inspect every single script being submitted, and I do, however the intent is to release the codebase for others to build their own worlds with. The engine is friendly enough that non-hardcore coders can use it, and the API is self-sufficient, which means that all an admin has to do is learn the basic lexical structure of Python to really take advantage of it. Still, I don't want a situation to arise where someone has a bad day and decides to run a script that deletes all the files in the directory or something. I'm not sure if I'm articulating myself correctly, it's late and I've spent the last hour or so poring over the documentation to see if I could find something. Any advice? --- Leo C.
_______________________________________________ Users mailing list [email protected] http://lists.ironpython.com/listinfo.cgi/users-ironpython.com
