On 2016-04-07, Random832 <random...@fastmail.com> wrote:
> On Thu, Apr 7, 2016, at 08:13, Jon Ribbens wrote:
>> > All the obvious, and even not-so-obvious, attack tools are gone:
>> > eval, exec, getattr, type, __import__.
>
> We don't even need to take these away, per se.
>
> eval and exec could be replaced with functions that perform the
> evaluation with the same rules in the same sandbox.

Ah, that's a good point.

I've put an example script here:

  https://github.com/jribbens/unsafe/blob/master/unsafe.py

When run as a script, it will execute whatever Python code you pass it
on stdin.

If anyone can break it (by which I mean escape from the sandbox,
not make it use up all the memory or go into an infinite loop,
both of which are trivial) then I would be very interested.
-- 
https://mail.python.org/mailman/listinfo/python-list
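
An added example, not part of the original message and not the code in unsafe.py: a minimal sketch of the suggestion quoted above, in which eval and exec stay available inside the sandbox but re-apply the same static checks to whatever source they are handed. The allow-list, the rule against leading underscores and all function names are assumptions made for illustration.

```python
import ast
import builtins

# Assumed allow-list and rules for this sketch; not taken from unsafe.py.
SAFE_BUILTINS = ("abs", "len", "min", "max", "range", "sum", "sorted")
BANNED_NODES = (ast.Import, ast.ImportFrom, ast.Global, ast.Nonlocal)


class SandboxViolation(Exception):
    """Raised when source breaks the sandbox's static rules."""


def check(tree):
    """Reject imports and any name or attribute that starts with '_'."""
    for node in ast.walk(tree):
        if isinstance(node, BANNED_NODES):
            raise SandboxViolation(type(node).__name__)
        if isinstance(node, ast.Name):
            ident = node.id
        elif isinstance(node, ast.Attribute):
            ident = node.attr
        else:
            continue
        if ident.startswith("_"):
            raise SandboxViolation(ident)


def make_sandbox():
    """Return (namespace, run); eval/exec inside re-enter the same checks."""
    allowed = {name: getattr(builtins, name) for name in SAFE_BUILTINS}
    ns = {"__builtins__": allowed}

    def sandbox_eval(source):
        tree = ast.parse(source, mode="eval")
        check(tree)
        return eval(compile(tree, "<sandbox>", "eval"), ns)

    def sandbox_exec(source):
        tree = ast.parse(source, mode="exec")
        check(tree)
        exec(compile(tree, "<sandbox>", "exec"), ns)

    # Sandboxed code sees these in place of the real builtins.
    allowed["eval"] = sandbox_eval
    allowed["exec"] = sandbox_exec
    return ns, sandbox_exec
```

Source passed to the inner eval or exec as a string is invisible to the outer check, which is why the replacements parse and check it again before running it in the same namespace.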
