[Python-Dev] Reviving restricted mode? (original) (raw)
Ivan Krstić krstic at solarsail.hcs.harvard.edu
Mon Feb 23 04:28:21 CET 2009
- Previous message: [Python-Dev] Reviving restricted mode?
- Next message: [Python-Dev] Reviving restricted mode?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Feb 22, 2009, at 9:43 PM, Guido van Rossum wrote:
I'm not familiar with Genshi -- what is the purpose of the AST transformation here?
Sorry, I should have been clearer. If the only goal is to provide a
restricted bare interpreter, you can certainly just exec with a
restricted set of builtins and no import. Since Tav mentioned
wanting restricted execution of Genshi templates in particular (which
have a rather complicated mechanism for executing inline Python code),
I threw together a realistic, self-contained 'restricting Genshi' demo
which doesn't rely on outside restrictions, such as those provided by
GAE.
You can ignore the AST stuff; Genshi does it for its own (non- security) purposes.
-- Ivan Krstić <krstic at solarsail.hcs.harvard.edu> | http://radian.org
- Previous message: [Python-Dev] Reviving restricted mode?
- Next message: [Python-Dev] Reviving restricted mode?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]