[Python-Dev] Implementing restricted Python in Zope2 (original) (raw)
Shane Hathaway shane at hathawaymix.org
Thu Jul 17 20:42:21 CEST 2008
- Previous message: [Python-Dev] Implementing restricted Python in Zope2
- Next message: [Python-Dev] Implementing restricted Python in Zope2
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
ranjith kannikara wrote:
As a student I am not familiar with Restricted Python and python AST implementation.And in need of help to start the Restricted Python implementation.
Here is some context for Python-Dev.
RestrictedPython is a custom Python compiler that, when combined with a restricted environment, provides a sandbox safe enough to allow partly-trusted people to write and execute scripts on a Zope server. It has been used in Zope 2 for a long time and will have a future in Zope 3. The sandbox is more extensive than what the rexec module provides.
The safety of RestrictedPython has been validated in a somewhat formal process with Python 2.4. Ranjith is working to validate it with Python 2.5. He is first working to discover all changes between Python 2.4 and 2.5 that might have affected the safety of a RestrictedPython sandbox. Any changes to the AST, builtin functions, methods of builtin types, etc., need to be evaluated for safety.
So, in general, he is looking for detailed lists of changes between Python 2.4 and 2.5--more than the "What's New" doc.
Shane
- Previous message: [Python-Dev] Implementing restricted Python in Zope2
- Next message: [Python-Dev] Implementing restricted Python in Zope2
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]