Chris Withers wrote at 2007-11-22 17:08 +0000:
>Dieter Maurer wrote:
>> Chris Withers wrote at 2007-11-20 23:55 +0000:
>>> Dieter Maurer wrote:
>>>> You execute their code in a "globals" the "__builtins__" of which
>>>> contains precisely the builtins you want to give them.
>>> unfortunately that still leaves the import problems, correct?
>> The "import" "command" is mapped to the "__import__" builtin.
>> Thus, changing the "__import__" builtin....
>Hmmm, looking into this more. I think fiddling with supplying
>__builtins__ and __import__ is susceptible to those being deleted from
>the local or global namespace and so being replaced by ones from the
>Am I right in seeing those as security risks? These seem to be some of
>the reasons rexec and bastion were dropped from python:
There have been reasons why Python no longer promisses a
secure restricted environment....
When you look carefully, you see that this problem has been fixed.
You handle this with security proxied objects, right?
Security questions are very delicate. Nobody will probably give
you a garantee that the approach is really safe.
Zope-Dev maillist - Zope-Dev@zope.org
** No cross posts or HTML encoding! **
(Related lists -