On Sat, Sep 18, 2010 at 8:24 PM, Greg Ewing <greg.ewing at canterbury.ac.nz> wrote: > Victor Stinner wrote: > >> I'm still developing irregulary my sandbox project since last june. > >> Today, the biggest problem is the creation of a read only view of the >> __builtins__ dictionary. > > Why do you think you need to do this? What form of attack > would a writable __builtins__ expose you to that would be > prevented by making it read-only? > > Seems to me that the only way you could exploit a writable > __builtins__ would be to put a function in there that does > something bad. But if you can create or obtain such a > function in the first place, you can just call it directly. __builtins__ is in everyone's global namespace, so if it can be mutated, different python programs running in the same sandbox can affect each other. Ditto sys.modules and os environ, but I guess that those are already addressed. -Rob
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4