"Mattia Adami" <am*******@email.it> writes:
Hi to all.
I'm intristing in write a plugin for browsers that can execute python
code.
I know the main problem is security. Many thread were opened about this
in the ng.
I would know if fork python rewriting some library could avoid
problems. I.e. one problem is the possibility to access files. If I
rewrite the open() function so that raises exception if the program try
to access a file out of a defined directory.
I'm sure not a security expert, so please be patient if my question is
stupid.
People who *are* security experts have looked into modifying Python to
make it secure, and given up on the project as unrealistic. Generally,
taking an existing project that wasn't designed with security in mind
and making it secure is hard. Not impossible, but not easy.
You might consider using Jython and jythonc to produce objects to run
in the JVM. Not only was that designed with security in mind, but most
browsers come with a JVM already installed.
<mike
--
Mike Meyer <mw*@mired.org>
http://www.mired.org/home/mwm/
Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information.