I think python's import system is modularized and extensible. You can write restrictions in your program to limit how modules access external code. I've also been using the RestrictedPython project from Zope foundation. It overs a way of creating a sandbox environment for python quite easily by leveraging python's extensible nature.
On Sun, Feb 26, 2023, 8:58 PM python--- via Python-ideas < [email protected]> wrote: > Could you elaborate on how Python code can easily bypass that sort of > restriction? > > >From my understanding, you can only do so with importlib by reading the > raw source and evaluating it. In that case, I can just restrict importlib? > Same with the open function which is from the io module which can also be > restricted (and removed from builtins in that case). > > Here's a diff of my implementation and upstream's 3.11.0 tag. It's 17 > commits with most being README changes. I hope this makes it more clear. > https://github.com/python/cpython/compare/3.11...R9295:cpython:policy > > Regards, > Aarnav > _______________________________________________ > Python-ideas mailing list -- [email protected] > To unsubscribe send an email to [email protected] > https://mail.python.org/mailman3/lists/python-ideas.python.org/ > Message archived at > https://mail.python.org/archives/list/[email protected]/message/NWQCBFQECB3CI3WSHSK46FTX3MAN5Z25/ > Code of Conduct: http://python.org/psf/codeofconduct/ >
_______________________________________________ Python-ideas mailing list -- [email protected] To unsubscribe send an email to [email protected] https://mail.python.org/mailman3/lists/python-ideas.python.org/ Message archived at https://mail.python.org/archives/list/[email protected]/message/K7ISQZFRCFVNP2DTRXSQ6NCUJ6ZO6MWE/ Code of Conduct: http://python.org/psf/codeofconduct/
