«

Hi all,

I need to execute untrusted scripts in my Python application. To avoid security issues, I want to use a sandboxed environment. This means that the script authors have no access to the file system. They may only access objects, modules and classes that are "flagged" or "approved" for scripting.

I read that I will not be able to do this with Python scripts. (See SandboxedPython page in the Python wiki [0] and several SE.com questions, e. g. [1].) So my question is: What is the best way to "embed" a script engine in a sandboxed environment that has access to the Python modules and classes that I provide?

Thanks for your help.

Best regards,
Robin

[0] http://wiki.python.org/moin/SandboxedPython
[1] http://stackoverflow.com/questions/3...in-pure-python

On Saturday, 6 October 2012 04:00:08 UTC+5:30, Robin Krahl wrote:
> Hi all,
>
> I need to execute untrusted scripts in my Python application. To avoid security issues, I want to use a sandboxed environment. This means that the script authors have no access to the file system. They may only access objects, modules and classes that are "flagged" or "approved" for scripting.
>
> I read that I will not be able to do this with Python scripts. (See SandboxedPython page in the Python wiki [0] and several SE.com questions, e. g. [1].) So my question is: What is the best way to "embed" a script engine ina sandboxed environment that has access to the Python modules and classes that I provide?
>
> Thanks for your help.
>
> Best regards,
> Robin
>
> [0] http://wiki.python.org/moin/SandboxedPython
> [1] http://stackoverflow.com/questions/3...in-pure-python
From http://wiki.python.org/moin/SandboxedPython
"The Java and CLR/.NET runtimes support restricted execution, and these canbe utilised through the Jython and IronPython variants of Python (as well as by other languages, obviously)."
You can also check out http://doc.pypy.org/en/latest/sandbox.html for PyPy's sandbox

On Saturday, 6 October 2012 04:00:08 UTC+5:30, Robin Krahl wrote:
> Hi all,
>
> I need to execute untrusted scripts in my Python application. To avoid security issues, I want to use a sandboxed environment. This means that the script authors have no access to the file system. They may only access objects, modules and classes that are "flagged" or "approved" for scripting.
>
> I read that I will not be able to do this with Python scripts. (See SandboxedPython page in the Python wiki [0] and several SE.com questions, e. g. [1].) So my question is: What is the best way to "embed" a script engine ina sandboxed environment that has access to the Python modules and classes that I provide?
>
> Thanks for your help.
>
> Best regards,
> Robin
>
> [0] http://wiki.python.org/moin/SandboxedPython
> [1] http://stackoverflow.com/questions/3...in-pure-python
>From http://wiki.python.org/moin/SandboxedPython
"The Java and CLR/.NET runtimes support restricted execution, and these canbe utilised through the Jython and IronPython variants of Python (as well as by other languages, obviously)."
You can also check out http://doc.pypy.org/en/latest/sandbox.html for PyPy's sandbox