Using RestrictedPython

Collapse
This topic is closed.
X
X
 
  • Time
  • Show
Clear All
new posts
  • Rasjid Wilcox

    Using RestrictedPython

    Hi,

    I found references on Google to a discussion a little while ago about using
    RestrictedPytho n instead of rexec and Bastion. But I've had trouble
    finding documentation.

    Below is my test program. Am I doing this the right way?

    - - - -
    #!/usr/bin/env python

    from RestrictedPytho n import compile_restric ted

    def g(x):
    return "Function g(x)"

    fn = '''
    def f(x):
    return "x: " + str(x) + " x^2: " + str(x*x)

    '''

    fn2 = '''
    def h(x):
    f = open('test-out.txt', 'w')
    f.write(x)
    f.close()
    s = 'Just wrote to a file'
    return s
    '''

    exp = 'str(f(3))'

    cofn = compile_restric ted(fn, '<string> ', 'exec')
    exec(cofn)
    coexp = compile_restric ted(exp, '<string>', 'eval')
    print "Restricted eval: " + str(eval(coexp) )

    f = g
    print "Restricted eval: " + str(eval(coexp) )

    exec(fn2)
    print "Native exec: " + str(h("Native exec\n"))

    h = None
    #cofn2 = compile(fn2, '<string>', 'exec')
    cofn2 = compile_restric ted(fn2, '<string>', 'exec')
    exec(cofn2)
    try:
    print h("Restricted exec\n")
    except:
    print "Can't run restricted code?"

    - - - -

    I know it runs and it seems to do what I expect, but is it 'right'?

    Thanks,

    Rasjid.

  • Evan Simpson

    #2
    Re: Using RestrictedPytho n

    Rasjid Wilcox wrote:[color=blue]
    > Below is my test program. Am I doing this the right way?[/color]

    Well, you've got the basics of compiling and executing the compiled
    code. What you need to understand about RestrictedPytho n, though, is
    that while it provides the raw material for restricted execution, you
    need to supply a policy implementation. You hook up your implementation
    by providing a set of specially named objects in the global dict that
    you use for execution of code. Specifically:

    1. "_print_" is a callable object that returns a handler for print
    statements. This handler must have a 'write()' method that accepts a
    single string argument, and must return a string when called. The
    PrintCollector module has an implementation.

    2. "_write_" is a guard function taking a single argument. If the
    object passed to it may be written to, it should be returned, otherwise
    the guard function should raise an exception.

    3. "_getattr_" and "_getitem_" are guard functions, each of which takes
    two arguments. The first is the base object to be accessed, while the
    second is the attribute name or item index that will be read. The guard
    function should return the attribute or subitem, or raise an exception.

    4. "__import__ " is the normal Python import hook, and should be used to
    control access to Python packages and modules.

    5. "__builtins __" is the normal Python builtins dictionary, which should
    be weeded down to a set that cannot be used to get around your
    restrictions. A usable "safe" set is in the Guards module.

    To help illustrate how this works under the covers, here's an example
    function along with (sort of) how it looks after restricted compilation:

    def f(x):
    x.foo = x.foo + x[0]
    print x
    return printed

    def f(x):
    # Make local variables from globals.
    _print = _print_()
    _write = _write_
    _getattr = _getattr_
    _getitem = _getitem_
    #
    _write(x).foo = _getattr(x, 'foo') + _getitem(x, 0)
    print >>_print, x
    return _print()

    Cheers,

    Evan @ 4-am



    Comment

    Working...