Yes, this comes up every couple months and there is only one answer:
This is the job of the OS.
Java largely succeeds at doing sandboxy things because it was written that way from the ground up (to behave both like a program interpreter and an OS).
Python the language was not, and the CPython interpreter definitely was not.
Search groups.google.com for previous discussions of this on c.l.py
Could you give some useful queries? Every time I do this search, I get a few results, but never anything that really goes into the security holes in any depth. (They're ususally something like -- "look, given object, I can get int" not "look, given object, I can get eval, __import__, etc.)
Steve -- http://mail.python.org/mailman/listinfo/python-list
