If I replace the open builtin eg
import main
__main__.__builtins__.open=None
Is there any way, from here on, to access the original open function??
Extending this slightly, lets say I put a reference to the original
open function inside a class called Isolate and protect this reference
using __getattribute__ and __setattr__. Is the original function now
isolated and only able to be referenced within Isolate.
In summary, are there any references to builtin functions others than
through __builtins__ and is __getattribute__, __setattr__ secure
Regards
RMM
11  1899 
Can anyone recommend a Python interactive shell for use in presentations?
Ideal characteristics (priority order):
o configurable font size
o full screen mode
o readline support
o syntax coloring
I've tried ipython but, since it runs inside a console window, and the
console window has a limited number of selectable fonts, it doesn't
work terribly well.
I've seen presentations using some sort of PyGame implemented shell.
Does anyone have an information on that?
Cheers,
Brian
Sorry, should maybe have used __import__ as an example.
Let's say I grab import, store the reference within the Isolate class
and then redirect the builtin import to a function in the Isolate class
which only allows certain modules to be imported -eg not sys. Would
this be secure?
>>>>> "Brian" == Brian Quinlan <br***@sweetapp.com> writes:
Brian> Can anyone recommend a Python interactive shell for use in
Brian> presentations?
Brian> I've tried ipython but, since it runs inside a console
Brian> window, and the console window has a limited number of
Brian> selectable fonts, it doesn't work terribly well.
Hmm, do you consider the fonts in a console window unreadable? I've
given a few presentations using ipython on win32 and it worked alright
- but I suppose the projector quality is a factor here...
--
Ville Vainio http://tinyurl.com/2prnb
I had a quick look at the python source code and fileobject.c is one of
the core classes which, I would imagine, is why a reference can be
obtained. The other classes (method, dictionaries etc) don't look so
much of a liability. I'll maybe try disabling the fopen calls in
fileobject and see if it breaks anything (I've no need to open/close
files using the standard libraries).
Are there any other holes you can think of in the following scenario-
I disable all builtins except import which I protect in my 'Isolate'
class, I then only allow import to import a single module name.
Thanks for the speedy and informative replies.
RMM
rm*@iname.com wrote: I had a quick look at the python source code and fileobject.c is one of
the core classes which, I would imagine, is why a reference can be
obtained. The other classes (method, dictionaries etc) don't look so
much of a liability. I'll maybe try disabling the fopen calls in
fileobject and see if it breaks anything (I've no need to open/close
files using the standard libraries).
Are there any other holes you can think of in the following scenario-
I disable all builtins except import which I protect in my 'Isolate'
class, I then only allow import to import a single module name.
You *really* ought to be checking the list archives for the *many* past
discussions of this, and the many ways in which it is nowhere near as
easy as you seem to think it might be, as well as for the variety of
partially completed efforts -- some of which closely resemble your
approach -- which have been abandoned after it was demonstrated how the
could not work.
On the other hand, after reading all that, you just might be the one to
come up with the solution that combines just enough of each approach to
solve the problem once and for all, and the community would be very
grateful to you.
But I doubt you'll solve this by asking Jp to review (and, inevitably,
shoot down) each idea you come up with. Give him a break until you've
read some of the archived material on this. :-)
-Peter
Ville Vainio wrote: Hmm, do you consider the fonts in a console window unreadable?
In fullscreen mode, yes (you get no choice of font size in Windows XP).
In Windowed mode you still only get a limited font selection (only two
fonts and only a few type sizes [most of which are small]).
I've
given a few presentations using ipython on win32 and it worked alright
- but I suppose the projector quality is a factor here...
I'll get by but I was hoping for something better.
Cheers,
Brian
---------- Forwarded message ----------
From: James Carroll <mr*****@gmail.com>
Date: May 11, 2005 10:43 AM
Subject: Re: Interactive shell for demonstration purposes
To: Brian Quinlan <br***@sweetapp.com>
I would personally try looking at the PyCrust.py that's included with
wxPython. It has a standard shell, and you can use the Ctrl-] hotkey
to increase the font size. You can make it big and readable... (but
not bold, which would be nice.) Then, hide your taskbars (or system
menus) and maximize...
-Jim
On 5/11/05, Brian Quinlan <br***@sweetapp.com> wrote: Ville Vainio wrote: Hmm, do you consider the fonts in a console window unreadable?
In fullscreen mode, yes (you get no choice of font size in Windows XP).
In Windowed mode you still only get a limited font selection (only two
fonts and only a few type sizes [most of which are small]).
I've
given a few presentations using ipython on win32 and it worked alright
- but I suppose the projector quality is a factor here...
I'll get by but I was hoping for something better.
Cheers,
Brian
--
http://mail.python.org/mailman/listinfo/python-list
Sorry, didn't mean to pester Jp
I have checked the archives, Rexec copies __builtins__, causing the del
__builtins__ issue. I'm modifying the lowest level__builtins__.
I am also using __getAttribute__ and __setAttr__, I could find no
mention of security holes on the lists.
Let me re-state the question:
1. Once I've set all builtins except Import to None. Is there any way
of re-binding these built-ins if import is restricted to a single
module?
2. Are classed protected using __getAttribute__ and __setAttr__ secure
If these questions have been asked already, could you point me to
where?
-Ronnie
On Wed, 11 May 2005 16:21:19 +0200, Brian Quinlan <br***@sweetapp.com> wrote: Ville Vainio wrote: Hmm, do you consider the fonts in a console window unreadable?
In fullscreen mode, yes (you get no choice of font size in Windows XP).
In Windowed mode you still only get a limited font selection (only two
fonts and only a few type sizes [most of which are small]).
I've
given a few presentations using ipython on win32 and it worked alright
- but I suppose the projector quality is a factor here...
I'll get by but I was hoping for something better.
If you make your console 96 wide and set the font to Lucida Console Bold 24point,
it will probably expand to near full screen on 1024x768. You can set the scroll buffer
to a couple hundred lines and adjust console widow height to suit. Use the properties
from the system icon, or get there by Alt-Space P etc.
You can change the fg/bg colors also, though not a big selection either. I'm not a fan of idle
for my system (NT4) though it looks nice enough and has more fonts to choose from.
Regards,
Bengt Richter
Bengt Richter wrote: If you make your console 96 wide and set the font to Lucida Console Bold 24point,
it will probably expand to near full screen on 1024x768. You can set the scroll buffer
to a couple hundred lines and adjust console widow height to suit. Use the properties
from the system icon, or get there by Alt-Space P etc.
That's not bad. There are two caveats:
1. you have to set the width to 72 characters (instead of 80) at
1024x768 with 24 point fonts
2. you can't run in full-screen mode
Cheers,
Brian
On Thu, 12 May 2005 17:41:29 +0200, Brian Quinlan <br***@sweetapp.com> wrote: Bengt Richter wrote: If you make your console 96 wide and set the font to Lucida Console Bold 24point,
it will probably expand to near full screen on 1024x768. You can set the scroll buffer
to a couple hundred lines and adjust console widow height to suit. Use the properties
from the system icon, or get there by Alt-Space P etc.
That's not bad. There are two caveats:
1. you have to set the width to 72 characters (instead of 80) at
1024x768 with 24 point fonts
Well, you don't _have_ to ;-) E.g., I have my screen buffer size set to 96 wide and 200 high,
so when I select 24-pt bold Lucida Console, I don't see more than about 68 characters within
the frame, but I can scroll horizontally to see to the 96 limit. If I output more than 96 wide,
it wraps to the next line. You may want to set wrap/buffer width at 72, but that's a choice, not
a have-to, at least on my system ;-)
2. you can't run in full-screen mode
Well, my system permits it, sort of, but it does force some layout and ugly raster font that reminds
of a black BSOD and is probably controlled by some registry stuff that I am too lazy to pursue.
I had to kill it (the console window) to get back to a normal console window, but that is probably
because I don't know the secret incantation off hand ;-/
Anyway, HIIH (happy if it helped ;-)
Regards,
Bengt Richter This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Stephen Ferg |
last post by:
Python has a builtin class for staticmethod. Seems to me that Python
should also have a builtin class for abstractmethod. Something like
this...
#######################################
#...
|
by: Nico Grubert |
last post by:
Hi there,
Background of this question is:
I want to convert all words <word> except 'and' / 'or' / 'and not' from
a string into '*<word>*'.
Example:
I have the following string:
"test and...
|
by: yaipa |
last post by:
What would be the common sense way of finding a binary pattern in a
..bin file, say some 200 bytes, and replacing it with an updated pattern
of the same length at the same offset?
Also, the...
|
by: Steven Bethard |
last post by:
Manlio Perillo wrote:
> Python allows to subclass builtin classes but the Python Interpreter
> uses builtin types.
> As an example keyword arguments are inserted in a dict but I would
> like to...
|
by: Skybuck Flying |
last post by:
Hi,
if (__builtin_expect (!buffer->__init, 0))
{
buffer->__a = 0x5deece66dull;
buffer->__c = 0xb;
buffer->__init = 1;
}
I am using visual c 6 and this code doesn't compile, it's probably...
|
by: Anders K. Olsen |
last post by:
Hello group
I'm trying to list the users and groups who has read access to a file.
I use .NET 2.0 and FileInfo.GetAccessControl().GetAccessRules(...) and then
loop through the...
|
by: nejucomo |
last post by:
Hi folks,
Quick Synopsis:
A test script demonstrates a memory leak when I use pythonic extensions
of my builtin types, but if I use the builtin types themselves there is
no memory leak.
...
|
by: saif.shakeel |
last post by:
Hi,
I need to replace a string in xml file with something else.Ex
- <SERVICEPARAMETER id="_775" Semantics="subfunction" DDORef="_54">
<SHORTNAME>rate</SHORTNAME>
<LONGNAME>rate</LONGNAME>...
|
by: Nishkar Grover |
last post by:
I'm trying to replace a built-in exception type and here's a simplified
example of what I was hoping to do...
.... bar = 'bar'
....
.... raise ZeroDivisionError
.... except...
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
| |
