On Fri, Oct 19, 2012 at 2:00 AM, lars van gemerden <l...@rational-it.com> wrote: > I get your point, since in this case having the custom code option makes the > system a whole lot less complex and flexible, i will leave the option in. The > future customer will be informed that they should handle the security around > the designers as if they were programmers. Aditionally i will probably add > some screening for unwanted keywords (like 'import') and securely log any > new/changed custom code including the designer account (must do that for > other actions anyway).
That sounds like a reasonable implementation of Layer Eight security. As long as everyone understands that this code can do ANYTHING, you'll be fine. You may want to add some other programmatic checks, though; for instance, a watchdog timer in case the code gets stuck in an infinite loop, or a memory usage limit, or somesuch. Since you're no longer worrying about security, this sort of thing will be fairly easy, and will be just to help catch common errors. ChrisA -- http://mail.python.org/mailman/listinfo/python-list
