Defining restricted environments
--------------------------------
The `RExec' class has the following class attributes, which are used by
the `__init__()' method. Changing them on an existing instance won't
have any effect; instead, create a subclass of `RExec' and assign them
new values in the class definition. Instances of the new class will
then use those new values. All these attributes are tuples of strings.
`nok_builtin_names'
Contains the names of built-in functions which will _not_ be
available to programs running in the restricted environment. The
value for `RExec' is `('open', 'reload', '__import__')'. (This
gives the exceptions, because by far the majority of built-in
functions are harmless. A subclass that wants to override this
variable should probably start with the value from the base class
and concatenate additional forbidden functions -- when new
dangerous built-in functions are added to Python, they will also
be added to this module.)
`ok_builtin_modules'
Contains the names of built-in modules which can be safely
imported. The value for `RExec' is `('audioop', 'array',
'binascii', 'cmath', 'errno', 'imageop', 'marshal', 'math', 'md5',
'operator', 'parser', 'regex', 'rotor', 'select', 'strop',
'struct', 'time')'. A similar remark about overriding this
variable applies -- use the value from the base class as a
starting point.
`ok_path'
Contains the directories which will be searched when an `import'
is performed in the restricted environment. The value for `RExec'
is the same as `sys.path' (at the time the module is loaded) for
unrestricted code.
`ok_posix_names'
Contains the names of the functions in the `os' module which will
be available to programs running in the restricted environment.
The value for `RExec' is `('error', 'fstat', 'listdir', 'lstat',
'readlink', 'stat', 'times', 'uname', 'getpid', 'getppid',
'getcwd', 'getuid', 'getgid', 'geteuid', 'getegid')'.
`ok_sys_names'
Contains the names of the functions and variables in the `sys'
module which will be available to programs running in the
restricted environment. The value for `RExec' is `('ps1', 'ps2',
'copyright', 'version', 'platform', 'exit', 'maxint')'.
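The subclass-and-concatenate pattern these attributes call for, as an added example that is neither the rexec module's own code nor part of this document: a hypothetical `RExecLike` class carries the tuples with the values given above and re-creates, in current Python, only what they select (a copy of the builtins minus `nok_builtin_names`, and proxy `os` and `sys` modules holding just the allowed names), while a `TighterRExec` subclass extends `nok_builtin_names` and narrows `ok_posix_names`. The helper `blocked()` is also assumed here; it reports which statements a program in each environment can no longer run.

```python
import builtins
import os
import sys
import types


class RExecLike:
    # Hypothetical stand-in for RExec: same attribute names, documented values.
    nok_builtin_names = ('open', 'reload', '__import__')
    ok_posix_names = ('error', 'fstat', 'listdir', 'lstat', 'readlink', 'stat',
                      'times', 'uname', 'getpid', 'getppid', 'getcwd', 'getuid',
                      'getgid', 'geteuid', 'getegid')
    ok_sys_names = ('ps1', 'ps2', 'copyright', 'version', 'platform', 'exit', 'maxint')

    def make_builtin(self):
        # Copy the real builtins and drop only the denied names ('reload' is
        # absent from this Python version and is simply skipped).
        names = dict(vars(builtins))
        for name in self.nok_builtin_names:
            names.pop(name, None)
        return names

    @staticmethod
    def _proxy(module, allowed):
        # A fresh module object exposing just the allowed attributes of module.
        proxy = types.ModuleType(module.__name__)
        for name in allowed:
            if hasattr(module, name):
                setattr(proxy, name, getattr(module, name))
        return proxy

    def r_exec(self, code):
        # Run code with the filtered builtins and the proxy os/sys modules bound.
        env = {'__builtins__': self.make_builtin(),
               'os': self._proxy(os, self.ok_posix_names),
               'sys': self._proxy(sys, self.ok_sys_names)}
        exec(code, env)
        return env


class TighterRExec(RExecLike):
    # The pattern the text recommends: extend the base tuple, do not replace it.
    nok_builtin_names = RExecLike.nok_builtin_names + ('eval', 'exec', 'compile')
    ok_posix_names = ('getcwd', 'getpid')


def blocked(env, statement):
    # True when the statement fails because a name was withheld from env.
    try:
        env.r_exec(statement)
    except (NameError, AttributeError, ImportError):
        return True
    return False
```

Removing names from a builtins copy and handing out proxy modules shows what the tuples select; it is not an isolation boundary in CPython, and the checks only report which names a program sees.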