On Sunday 19 September 2010 01:05:45, Greg Ewing wrote:
> I don't follow. Trusted functions such as proxy() shouldn't
> be sharing a __builtins__ dict with sandboxed code.
> (...)
> So give each program its own copy of __builtins__.

By "program" you mean a "process"? proxy() and untrusted functions are 
executed in the same process and the same interpreter. Untrusted code calls 
(indirectly) proxy(): should I create a new copy of __builtins__ for each 
frame? I don't know how to do that in Python (without modifying the Python 
interpreter) and I suppose that it will make Python slower. The frame 
mechanism is already slow (creating a new frame to call a Python function is 
much slower than calling a function in C).

pysandbox creates a new separate namespace for untrusted functions, but 
the __builtins__ "namespace" (dict) is shared between the Python and pysandbox 
namespaces.

-- 
Victor Stinner
http://www.haypocalc.com/
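
The sharing discussed in this message, as an added example that is not part of the original email and is not pysandbox code: two globals dicts can be separate while still pointing at one `__builtins__` dict, so a rebinding made through one is seen by code running in the other. The helper names and the `UNTRUSTED` string are constructed for illustration, and the code assumes Python 3.

```python
import builtins

def make_namespace(isolate):
    """Build a globals dict for code run with exec().

    isolate=False: reuse the interpreter's own builtins dict (the shared case).
    isolate=True:  give the namespace a shallow copy of that dict.
    """
    b = dict(vars(builtins)) if isolate else vars(builtins)
    return {"__builtins__": b}

def shares_builtins(ns):
    """Check: does this namespace point at the host's builtins dict?"""
    return ns["__builtins__"] is vars(builtins)

# Constructed stand-in for untrusted code: it rebinds a builtin name.
UNTRUSTED = "__builtins__['len'] = lambda obj: 0"

def trusted_len_after(isolate):
    """Run UNTRUSTED, then return what host-side code gets from len()."""
    original = builtins.len
    ns = make_namespace(isolate)
    try:
        exec(UNTRUSTED, ns)
        # This call resolves len through the host builtins, not through ns.
        return len([1, 2, 3])
    finally:
        builtins.len = original  # undo the rebinding in the shared case

if __name__ == "__main__":
    for isolate in (False, True):
        ns = make_namespace(isolate)
        print("isolate=%s shared=%s host len([1,2,3])=%s"
              % (isolate, shares_builtins(ns), trusted_len_after(isolate)))
```

A shallow copy only isolates name rebinding: the function and type objects stored in the dict are still the same objects in both namespaces.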