STINNER Victor <[email protected]> added the comment:
Example combining patches of #14385 and #14386 to run code with read-only
__builtins__:
----------- test.py -------------
ns={'__builtins__': __builtins__.__dict__}
exec(compile("__builtins__['superglobal']=1; print(superglobal)", "test",
"exec"), ns)
ns={'__builtins__': dictproxy(__builtins__.__dict__)}
exec(compile("__builtins__['superglobal']=2; print(superglobal)", "test",
"exec"), ns)
----------- end of test.py -----
Output:
--------
$ ./python test.py
1
Traceback (most recent call last):
File "x.py", line 4, in <module>
exec(compile("__builtins__['superglobal']=1; print(superglobal)", "test",
"exec"), ns)
File "test", line 1, in <module>
TypeError: 'dictproxy' object does not support item assignment
--------
Note: this protection is not enough to secure Python, but it is an important
part of a Python sandbox.
----------
_______________________________________
Python tracker <[email protected]>
<http://bugs.python.org/issue14385>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
