If I replace the open builtin eg
import main
__main__.__buil tins__.open=Non e
Is there any way, from here on, to access the original open function??
Extending this slightly, lets say I put a reference to the original
open function inside a class called Isolate and protect this reference
using __getattribute_ _ and __setattr__. Is the original function now
isolated and only able to be referenced within Isolate.
In summary, are there any references to builtin functions others than
through __builtins__ and is __getattribute_ _, __setattr__ secure
Regards
RMM
11  1937 
Can anyone recommend a Python interactive shell for use in presentations?
Ideal characteristics (priority order):
o configurable font size
o full screen mode
o readline support
o syntax coloring
I've tried ipython but, since it runs inside a console window, and the
console window has a limited number of selectable fonts, it doesn't
work terribly well.
I've seen presentations using some sort of PyGame implemented shell.
Does anyone have an information on that?
Cheers,
Brian
Sorry, should maybe have used __import__ as an example.
Let's say I grab import, store the reference within the Isolate class
and then redirect the builtin import to a function in the Isolate class
which only allows certain modules to be imported -eg not sys. Would
this be secure?
>>>>> "Brian" == Brian Quinlan <br***@sweetapp .com> writes:
Brian> Can anyone recommend a Python interactive shell for use in
Brian> presentations?
Brian> I've tried ipython but, since it runs inside a console
Brian> window, and the console window has a limited number of
Brian> selectable fonts, it doesn't work terribly well.
Hmm, do you consider the fonts in a console window unreadable? I've
given a few presentations using ipython on win32 and it worked alright
- but I suppose the projector quality is a factor here...
--
Ville Vainio http://tinyurl.com/2prnb
I had a quick look at the python source code and fileobject.c is one of
the core classes which, I would imagine, is why a reference can be
obtained. The other classes (method, dictionaries etc) don't look so
much of a liability. I'll maybe try disabling the fopen calls in
fileobject and see if it breaks anything (I've no need to open/close
files using the standard libraries).
Are there any other holes you can think of in the following scenario-
I disable all builtins except import which I protect in my 'Isolate'
class, I then only allow import to import a single module name.
Thanks for the speedy and informative replies.
RMM
rm*@iname.com wrote: I had a quick look at the python source code and fileobject.c is one of
the core classes which, I would imagine, is why a reference can be
obtained. The other classes (method, dictionaries etc) don't look so
much of a liability. I'll maybe try disabling the fopen calls in
fileobject and see if it breaks anything (I've no need to open/close
files using the standard libraries).
Are there any other holes you can think of in the following scenario-
I disable all builtins except import which I protect in my 'Isolate'
class, I then only allow import to import a single module name.
You *really* ought to be checking the list archives for the *many* past
discussions of this, and the many ways in which it is nowhere near as
easy as you seem to think it might be, as well as for the variety of
partially completed efforts -- some of which closely resemble your
approach -- which have been abandoned after it was demonstrated how the
could not work.
On the other hand, after reading all that, you just might be the one to
come up with the solution that combines just enough of each approach to
solve the problem once and for all, and the community would be very
grateful to you.
But I doubt you'll solve this by asking Jp to review (and, inevitably,
shoot down) each idea you come up with. Give him a break until you've
read some of the archived material on this. :-)
-Peter
Ville Vainio wrote: Hmm, do you consider the fonts in a console window unreadable?
In fullscreen mode, yes (you get no choice of font size in Windows XP).
In Windowed mode you still only get a limited font selection (only two
fonts and only a few type sizes [most of which are small]).
I've
given a few presentations using ipython on win32 and it worked alright
- but I suppose the projector quality is a factor here...
I'll get by but I was hoping for something better.
Cheers,
Brian
---------- Forwarded message ----------
From: James Carroll <mr*****@gmail. com>
Date: May 11, 2005 10:43 AM
Subject: Re: Interactive shell for demonstration purposes
To: Brian Quinlan <br***@sweetapp .com>
I would personally try looking at the PyCrust.py that's included with
wxPython. It has a standard shell, and you can use the Ctrl-] hotkey
to increase the font size. You can make it big and readable... (but
not bold, which would be nice.) Then, hide your taskbars (or system
menus) and maximize...
-Jim
On 5/11/05, Brian Quinlan <br***@sweetapp .com> wrote: Ville Vainio wrote: Hmm, do you consider the fonts in a console window unreadable?
In fullscreen mode, yes (you get no choice of font size in Windows XP).
In Windowed mode you still only get a limited font selection (only two
fonts and only a few type sizes [most of which are small]).
I've
given a few presentations using ipython on win32 and it worked alright
- but I suppose the projector quality is a factor here...
I'll get by but I was hoping for something better.
Cheers,
Brian
--
http://mail.python.org/mailman/listinfo/python-list
Sorry, didn't mean to pester Jp
I have checked the archives, Rexec copies __builtins__, causing the del
__builtins__ issue. I'm modifying the lowest level__builtins __.
I am also using __getAttribute_ _ and __setAttr__, I could find no
mention of security holes on the lists.
Let me re-state the question:
1. Once I've set all builtins except Import to None. Is there any way
of re-binding these built-ins if import is restricted to a single
module?
2. Are classed protected using __getAttribute_ _ and __setAttr__ secure
If these questions have been asked already, could you point me to
where?
-Ronnie
On Wed, 11 May 2005 16:21:19 +0200, Brian Quinlan <br***@sweetapp .com> wrote: Ville Vainio wrote: Hmm, do you consider the fonts in a console window unreadable?
In fullscreen mode, yes (you get no choice of font size in Windows XP).
In Windowed mode you still only get a limited font selection (only two
fonts and only a few type sizes [most of which are small]).
I've
given a few presentations using ipython on win32 and it worked alright
- but I suppose the projector quality is a factor here...
I'll get by but I was hoping for something better.
If you make your console 96 wide and set the font to Lucida Console Bold 24point,
it will probably expand to near full screen on 1024x768. You can set the scroll buffer
to a couple hundred lines and adjust console widow height to suit. Use the properties
from the system icon, or get there by Alt-Space P etc.
You can change the fg/bg colors also, though not a big selection either. I'm not a fan of idle
for my system (NT4) though it looks nice enough and has more fonts to choose from.
Regards,
Bengt Richter This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Stephen Ferg |
last post by:
Python has a builtin class for staticmethod. Seems to me that Python
should also have a builtin class for abstractmethod. Something like
this...
#######################################
# simulated implementation of a new builtin class: abstractmethod
def abstractmethod(f):
methodName = f.__name__
def temp(self, *args, **kwargs):
|
by: Nico Grubert |
last post by:
Hi there,
Background of this question is:
I want to convert all words <word> except 'and' / 'or' / 'and not' from
a string into '*<word>*'.
Example:
I have the following string:
"test and testing and not perl or testit or example"
|
by: yaipa |
last post by:
What would be the common sense way of finding a binary pattern in a
..bin file, say some 200 bytes, and replacing it with an updated pattern
of the same length at the same offset?
Also, the pattern can occur on any byte boundary in the file, so
chunking through the code at 16 bytes a frame maybe a problem. The
file itself isn't so large, maybe 32 kbytes is all and the need for
speed is not so great, but the need for accuracy in the...
|
by: Steven Bethard |
last post by:
Manlio Perillo wrote:
> Python allows to subclass builtin classes but the Python Interpreter
> uses builtin types.
> As an example keyword arguments are inserted in a dict but I would
> like to use an user defined SortedDict.
>
> There are plans to add such a feature in a future version?
Note that it's polite to start a new thread when you change topic.
|
by: Skybuck Flying |
last post by:
Hi,
if (__builtin_expect (!buffer->__init, 0))
{
buffer->__a = 0x5deece66dull;
buffer->__c = 0xb;
buffer->__init = 1;
}
I am using visual c 6 and this code doesn't compile, it's probably not
| | |
by: Anders K. Olsen |
last post by:
Hello group
I'm trying to list the users and groups who has read access to a file.
I use .NET 2.0 and FileInfo.GetAccessControl().GetAccessRules(...) and then
loop through the FileSystemAccessRule objects. Using these objects, it is
easy to use rule.IdentityReference.Translate(typeof(NTAccount)) to get the
NTAccount object.
I have noticed that some of the NTAccounts can belong to BUILTIN domains,
|
by: nejucomo |
last post by:
Hi folks,
Quick Synopsis:
A test script demonstrates a memory leak when I use pythonic extensions
of my builtin types, but if I use the builtin types themselves there is
no memory leak.
If you are interested in how builtin/pure-python inheritance interacts
|
by: saif.shakeel |
last post by:
Hi,
I need to replace a string in xml file with something else.Ex
- <SERVICEPARAMETER id="_775" Semantics="subfunction" DDORef="_54">
<SHORTNAME>rate</SHORTNAME>
<LONGNAME>rate</LONGNAME>
<VALUE role="constant" DataType="unsigned" value="1" />
<BYTEPOSITION role="position" BytePos="1" />
</SERVICEPARAMETER>
- <SERVICEPARAMETER id="_776" Semantics="localId" DDORef="_54">
|
by: Nishkar Grover |
last post by:
I'm trying to replace a built-in exception type and here's a simplified
example of what I was hoping to do...
.... bar = 'bar'
....
.... raise ZeroDivisionError
.... except ZeroDivisionError, e:
.... print e.bar
....
bar
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
| | |
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| | |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |
