On Jun 25, 1:21 am, "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> wrote: > This wiki page suggests using a chroot jail to sandbox Python, but > wouldn't running something like this in your sandboxed Python instance > still break you out of the chroot jail: > > os.execle ('/usr/bin/python','-c','import os; os.execlp("/bin/sh")', > {}) > > or maybe: > > del os.environ['LD_PRELOAD'] > os.execl ('/usr/bin/python','-c','import os; os.execlp("/bin/sh")') > > My ISP suggested these as counter-examples to my request for a chroot > jail. (I couldn't even get Python running in chroot to test this, nor > could I run these commands locally in Python on Ubuntu, though maybe > they opened sh?) > > So is a chroot jail not adequate for sandboxing Python? > > -Greg
Edit: Google groups stripped out the URL. It's http://wiki.python.org/moin/How_can_I_run_an_untrusted_Python_script_safely_(i.e._Sandbox) (or the page titled this on the Python wiki if it strips out the url above again) "How can I run an untrusted Python script safely (i.e. Sandbox)" -Greg -- http://mail.python.org/mailman/listinfo/python-list