Hi Tom, On 25 April 2015 at 01:32, Maciej Fijalkowski <fij...@gmail.com> wrote: > On Sat, Apr 25, 2015 at 1:13 AM, <t...@twhanson.com> wrote: >> Thanks for the idea. I played with the sandboxed version and it looks like >> it has potential.
It's not necessarily the only option. A sandboxed process comes with a lot of other constrains apart from "no filesystem access". There are alternatives: you could play in ways similar to how you would solve this with CPython, namely trying to embed the parts of the standard library and main program that you need. Just like sandboxing, we don't have much experience and tools to do that ourselves, so you still need to come up with all the details (and we can help, of course). Maybe something like: we can tweak pypy_setup_home() to accept NULL as a path. Then it would not try to automatically set up "sys.path" or import "site". You're left with what is a broken PyPy, in the sense that you cannot import anything, but then you can do calls like pypy_execute_source() to run 5-line scripts --- or even, as a hack, to declare and install complete modules whose source code you have previously copied into static strings in your binary. A bientôt, Armin. _______________________________________________ pypy-dev mailing list pypy-dev@python.org https://mail.python.org/mailman/listinfo/pypy-dev
