On Tue, 25 Jan 2005 22:08:01 +0100, I wrote:
>>>> sys.safecall(func, maxcycles=1000)
> could enter the safe mode and call the func.
This might be even enhanced like this:
>>> import sys
>>> sys.safecall(func, maxcycles=1000,
allowed_domains=['file-IO', 'net-IO', 'devices', 'gui'],
allowed_modules=['_sre'])
Every access to objects that are not in the specified domains are
restricted by the interpreter. Additionally, external modules (which are
expected to be not "decorated" by those security checks) have to be in the
modules whitelist to work flawlessy (i.e. not generate exceptions).
Any comments about this from someone who already hacked CPython?
Kind regards,
Alexander
--
http://mail.python.org/mailman/listinfo/python-list
