[Python-Dev] Reviving restricted mode? (original) (raw)

Guido van Rossum guido at python.org
Sun Feb 22 17:45:27 CET 2009

• Previous message: [Python-Dev] code.interact() locals + globals?
• Next message: [Python-Dev] Reviving restricted mode?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I've received some enthusiastic emails from someone who wants to revive restricted mode. He started out with a bunch of patches to the CPython runtime using ctypes, which he attached to an App Engine bug:

http://code.google.com/p/googleappengine/issues/detail?id=671

Based on his code (the file secure.py is all you need, included in secure.tar.gz) it seems he believes the only security leaks are subclasses, gi_frame and gi_code. (I have since convinced him that if we add "restricted" guards to these attributes, he doesn't need the functions added to sys.)

I don't recall the exploits that Samuele once posted that caused the death of rexec.py -- does anyone recall, or have a pointer to the threads?

-- --Guido van Rossum (home page: http://www.python.org/~guido/)

• Previous message: [Python-Dev] code.interact() locals + globals?
• Next message: [Python-Dev] Reviving restricted mode?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Python-Dev mailing list