rexec¶
Restricted execution facilities.
The class RExec exports methods r_exec(), r_eval(), r_execfile(), and r_import(), which correspond roughly to the built-in operations exec, eval(), execfile() and import, but executing the code in an environment that only exposes those built-in operations that are deemed safe. To this end, a modest collection of ‘fake’ modules is created which mimics the standard modules by the same names. It is a policy decision which built-in modules and operations are made available; this module provides a reasonable default, but derived classes can change the policies e.g. by overriding or extending class variables like ok_builtin_modules or methods like make_sys().
XXX To do: - r_open should allow writing tmp dir - r_exec etc. with explicit globals/locals? (Use rexec(“exec ... in ...”)?)
Classes¶
FileBase |
|
FileDelegate(mod, name) |
|
FileWrapper(f) |
|
RExec([hooks, verbose]) |
Basic restricted execution framework. |
RHooks(*args) |
|
RModuleImporter |
alias of ModuleImporter |
RModuleLoader |
alias of FancyModuleLoader |