Hi List! I was thinking about secure Python code execution, and I'd really appreciate some comments from those who know Python better than I do.
I was thinking that maybe it could be possible to load and run untrusted Python code, simply by loading it in a module with a modified version of __builtins__. Without any reachable functions that do unsafe operations, code running from there shouldn't be able to do evil things.

Or? What would happen to `import'? Would it be possible to set a null import path for a specific module? Are there any other ways to reach modules/functions that would make this impossible (I don't seem to be able to remember, but aren't there cross-references somewhere to the defining modules of data passed to the code in the secure module)?

If this doesn't work, might there be some other way to run untrusted code that I haven't thought of (apart from using O/S-specific stuff like SECCOMP, of course)?

Thank you very much for your time!

Fredrik Tolf
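
The two questions raised in the post, probed on Python 3 as an added example that is not part of the original message: what `import` does inside a module whose `__builtins__` has been replaced, and whether data passed into that module refers back to its defining module. The names `ALLOWED`, `run_restricted`, `host_helper`, `survey` and the module name `untrusted` are assumptions made for the illustration.

```python
import types

ALLOWED = {"len": len, "range": range}  # constructed allow-list (assumption)


def run_restricted(source, extra=None):
    """Exec source in a fresh module whose __builtins__ is replaced.

    Returns (True, value bound to `result`) or (False, exception class name).
    """
    mod = types.ModuleType("untrusted")  # hypothetical module name
    mod.__dict__["__builtins__"] = dict(ALLOWED)
    mod.__dict__.update(extra or {})  # objects handed to the untrusted code
    try:
        exec(compile(source, "<untrusted>", "exec"), mod.__dict__)
    except Exception as exc:
        return False, type(exc).__name__
    return True, mod.__dict__.get("result")


def host_helper(x):
    """Host-side function passed to the untrusted code as data."""
    return x * 2


def survey():
    """Run four probes and return their outcomes keyed by probe name."""
    return {
        # Names on the allow-list still work.
        "allowed_call": run_restricted("result = len(range(3))"),
        # The import statement looks up __import__ in __builtins__.
        "import": run_restricted("import os"),
        # Builtins left off the allow-list are simply undefined names.
        "open": run_restricted("result = open"),
        # A passed-in function carries a reference to its defining
        # module's namespace, independent of __builtins__.
        "host_globals": run_restricted(
            "result = 'run_restricted' in f.__globals__", {"f": host_helper}
        ),
    }


if __name__ == "__main__":
    for name, outcome in survey().items():
        print(name, outcome)
```

The `host_globals` probe succeeding means the host module's namespace is reachable through the passed function, so a replaced `__builtins__` on its own is not an isolation boundary.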