On Sun, Apr 10, 2016 at 02:08:16PM -0700, Nikolaus Rath wrote: > On Apr 10 2016, Jon Ribbens <jon+python-...@unequivocal.co.uk> wrote: > > On Sat, Apr 09, 2016 at 02:43:19PM +0200, Victor Stinner wrote: > > That's the opposite of my approach though - I'm starting small and > > adding things, not starting with everything and removing stuff. > > That contradicts what you said in another mail: > > On Apr 08 2016, Jon Ribbens <jon+python-...@unequivocal.co.uk> wrote: > > Ah, I've not used Python 3.5, and I can't find any documentation on > > this cr_frame business, but I've added cr_frame and f_back to the > > disallowed attributes list.
No, you've just misunderstood my meaning. Obviously I'm not only allowing access to whitelisted variable and property names, that would be ridiculous ("your code may only use variables called 'foo', 'bar' and 'baz'..."). The point is that we can start with, say, only allowing expressions and not statements, and a __builtins__ that contains literally nothing. We can even limit ourselves to disallow, say, lambda and yield and generator expressions if we like. Can this minimal language be made "safe"? If so, we have already won something - the ability to use "eval" as a powerful calculator function. Then, can we allow statements? Can we allow user-defined classes? Can we allow try/catch? etc. With regard to names by the way, I suspect that disallowing just anything starting "_" and the names of the properties of frame objects would be good enough. Unless someone knows a way to get to an object's __dict__ or its type without using vars() or type() or underscore attributes... _______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com