Python security restrictions for user input

Question

During developing one of my applications, I've come to a point where I'd like to give the users a more powerful filter. Therefore, I'd like to provide a simple scripting interface to the users. The scripting language would be Python.

For obvious reasons, I'd like to tighten the scope of the language to match my particular purposes (I don't want the users to touch the server's HDD files etc.). I also don't want to write a Python interpreter myself (which would be reinventing the wheel and the "new" wheel would be rectangular in the end). However, I haven't found any suitable library or module for this purpose.

Groovy's approach with its Compilation Customizers and Compiler Configuration would be exactly what I want, does something similar exist for Python?

Answer 1

What you're looking for is called a "sandbox" or "restricted execution." This wiki page discusses some of the details.

In a nutshell, there have been several efforts by Python geeks and gurus to build a sandbox on top of Python but they all failed eventually.

The main reason is that Python offers so many paths to do something that the sandbox would either have to forbid common use cases (rendering a lot of the library and Python code useless) or it would have to have holes in the sandbox which would make the concept useless.

So while it looks like a good and simple idea, so far, there is no solution. AFAIK, there are no hooks in Python to tweak the byte code compiler to achieve something like Groovy Sandbox.

Related:

• How can I sandbox Python in pure Python?
• Is there a "safe" subset of Python for use as an embedded scripting language?