GNU Info

Info Node: (python2.1-lib.info)Defining restricted environments

Defining restricted environments
--------------------------------

The `RExec' class has the following class attributes, which are used by
the `__init__()' method.  Changing them on an existing instance won't
have any effect; instead, create a subclass of `RExec' and assign them
new values in the class definition.  Instances of the new class will
then use those new values.  All these attributes are tuples of strings.

`nok_builtin_names'
     Contains the names of built-in functions which will _not_ be
     available to programs running in the restricted environment.  The
     value for `RExec' is `('open', 'reload', '__import__')'.  (This
     gives the exceptions, because by far the majority of built-in
     functions are harmless.  A subclass that wants to override this
     variable should probably start with the value from the base class
     and concatenate additional forbidden functions -- when new
     dangerous built-in functions are added to Python, they will also
     be added to this module.)

`ok_builtin_modules'
     Contains the names of built-in modules which can be safely
     imported.  The value for `RExec' is `('audioop', 'array',
     'binascii', 'cmath', 'errno', 'imageop', 'marshal', 'math', 'md5',
     'operator', 'parser', 'regex', 'rotor', 'select', 'strop',
     'struct', 'time')'.  A similar remark about overriding this
     variable applies -- use the value from the base class as a
     starting point.

`ok_path'
     Contains the directories which will be searched when an `import'
     is performed in the restricted environment.  The value for `RExec'
     is the same as `sys.path' (at the time the module is loaded) for
     unrestricted code.

`ok_posix_names'
     Contains the names of the functions in the `os' module which will
     be available to programs running in the restricted environment.
     The value for `RExec' is `('error', 'fstat', 'listdir', 'lstat',
     'readlink', 'stat', 'times', 'uname', 'getpid', 'getppid',
     'getcwd', 'getuid', 'getgid', 'geteuid', 'getegid')'.

`ok_sys_names'
     Contains the names of the functions and variables in the `sys'
     module which will be available to programs running in the
     restricted environment.  The value for `RExec' is `('ps1', 'ps2',
     'copyright', 'version', 'platform', 'exit', 'maxint')'.
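
The following is an added example, not code from the `rexec' module or from the Python documentation. `MiniRExec', `TightRExec' and `check_policies' are hypothetical names, and `MiniRExec' is a stand-in model of the attribute handling described above, so the block runs on interpreters that lack `rexec'. It shows that a change made on an existing instance is ignored, how a subclass extends the base class values, and that the `nok_' list leaves unlisted names available while the `ok_' lists leave them unavailable.

```python
import builtins


class MiniRExec:
    """Hypothetical stand-in for the attribute handling described above."""
    # Denylist: any built-in not named here stays available (fails open).
    nok_builtin_names = ('open', 'reload', '__import__')
    # Allowlist: only modules named here may be imported (fails closed).
    # Constructed sample value, shorter than the default quoted in the text.
    ok_builtin_modules = ('array', 'binascii', 'cmath', 'errno', 'math',
                          'operator', 'select', 'struct', 'time')

    def __init__(self):
        # The class attributes are read once, here, and the result is cached.
        denied = frozenset(self.nok_builtin_names)
        self._builtins = frozenset(n for n in dir(builtins) if n not in denied)
        self._modules = frozenset(self.ok_builtin_modules)

    def builtin_allowed(self, name):
        return name in self._builtins

    def module_allowed(self, name):
        return name in self._modules


class TightRExec(MiniRExec):
    # Start from the base class value and concatenate, as the text advises.
    # 'input' and 'breakpoint' are sample policy choices for this example.
    nok_builtin_names = MiniRExec.nok_builtin_names + ('input', 'breakpoint')
    # Narrow the allowlist by filtering the base class value.
    ok_builtin_modules = tuple(m for m in MiniRExec.ok_builtin_modules
                               if m != 'select')


def check_policies():
    late = MiniRExec()
    # Changing the attribute on an existing instance: __init__ already ran.
    late.nok_builtin_names = late.nok_builtin_names + ('input',)
    tight = TightRExec()
    return {
        'late_input': late.builtin_allowed('input'),        # change ignored
        'tight_input': tight.builtin_allowed('input'),      # subclass entry
        'tight_open': tight.builtin_allowed('open'),        # base entry kept
        'tight_getattr': tight.builtin_allowed('getattr'),  # unlisted built-in
        'tight_select': tight.module_allowed('select'),     # filtered out
        'tight_socket': tight.module_allowed('socket'),     # unlisted module
        'tight_math': tight.module_allowed('math'),         # still listed
    }
```
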

