Hi, Jeff, > Von: Jeff Hardy [mailto:jdha...@gmail.com] > On Wed, Oct 17, 2012 at 3:08 AM, Markus Schaber <m.schaber@3s- > software.com> wrote: > > We're using IronPython as a hosted script engine in our application. > > > Now, we want to restrict the assemblies a user can reference from its > > python script, > > > > Currently, we just forbid "import clr", by wrapping the import() > > method, but this is a bit harsh, and the side-effects are a little bit > to strong (e. G. > > it causes "import minidom.py" to fail...) > > > > I'm pretty sure that importing of CLR classes also goes through > __import__(). So you should be able to blacklist/whitelist whatever > classes you want that way. This doesn't prevent loading the assemblies, > but it does make the classes more difficult to access. > > If whatever hook you're using to block `import clr` doesn't fire for > `import System` as well, file an issue. And patch, preferably :).
It also fires for "import System". However, this is a different granularity - our "natural" granularity in our existing framework is assemblies, and __import__() works on python modules and .net namespaces, and sometimes a namespace contains members from different assemblies. I think I'll go with wrapping all the import methods on the clr module then. Best regards Markus Schaber -- ___________________________ We software Automation. 3S-Smart Software Solutions GmbH Markus Schaber | Developer Memminger Str. 151 | 87439 Kempten | Germany | Tel. +49-831-54031-0 | Fax +49-831-54031-50 Email: m.scha...@3s-software.com | Web: http://www.3s-software.com CoDeSys internet forum: http://forum.3s-software.com Download CoDeSys sample projects: http://www.3s-software.com/index.shtml?sample_projects Managing Directors: Dipl.Inf. Dieter Hess, Dipl.Inf. Manfred Werner | Trade register: Kempten HRB 6186 | Tax ID No.: DE 167014915 _______________________________________________ Ironpython-users mailing list Ironpython-users@python.org http://mail.python.org/mailman/listinfo/ironpython-users
