summaryrefslogtreecommitdiffstats
path: root/Lib/rexec.py
Commit message (Collapse)AuthorAgeFilesLines
* Allow restricted code to get byteorder, getdefaultencoding(),Fred Drake2002-10-111-2/+3
| | | | getrefcount(), maxunicode, and version_info.
* Trying alphabet againJeremy Hylton2002-10-111-2/+2
|
* Sort names alphabetically.Jeremy Hylton2002-10-111-2/+2
|
* Add hexversion to list of safe sys names (SF bug 621447).Jeremy Hylton2002-10-111-1/+1
| | | | Bug fix candidate.
* Address SF bug #577530: del __builtins__ breaks out of rexecGuido van Rossum2002-09-151-8/+12
| | | | | | | | | | | | | | | | | | | | | | Using the suggestion there: add_module() forces __builtin__ back; this fixes r_exec, r_eval, r_execfile. The interactive console had to be fixed separately, because it doesn't use r_exec, but relies on the 'locals' dict having the right __builtins__. Fixed this by subclassing InteractiveConsole and overriding runcode(), which does the exec. This changes the banner output slightly: instead of starting with *** RESTRICTED ***, a subtler (RestrictedConsole) is printed before the first >>> prompt. Also import readline (if it exists) when the interactive console is used, for more convenient input editing and history. This does not mean that rexec is now considered safe! But for those willing to take the risk, it's safer than before. (Note that a safety analysis of the code module would be wise if you plan to use the interactive console for real -- I've only ever used it to play with restricted mode.) This should be backported to 2.2 and 2.1.
* Use code.interact(), which is even simpler, *and* imports readlineGuido van Rossum2002-06-141-3/+3
| | | | when it can.
* Don't poorly emulate the interactive interpreter, useGuido van Rossum2002-06-141-19/+9
| | | | code.InteractiveConsole to do a much better job.
* SF 563203. Replaced 'has_key()' with 'in'.Raymond Hettinger2002-06-011-2/+2
|
* SF bug 533625 (Armin Rigo). rexec: potential security holeGuido van Rossum2002-05-311-1/+11
| | | | | | | | | | If a rexec instance allows writing in the current directory (a common thing to do), there's a way to execute bogus bytecode. Fix this by not allowing imports from .pyc files (in a way that allows a site to configure things so that .pyc files *are* allowed, if writing is not allowed). I'll apply this to 2.2 and 2.1 too.
* Move statement out of comment blockRaymond Hettinger2002-05-301-1/+1
|
* Patch 560023 adding docstrings. 2.2 Candidate (after verifying modules were ↵Raymond Hettinger2002-05-291-1/+160
| | | | not updated after 2.2).
* Ignore execfile() return value; reported by Neal Norwitz.Fred Drake2001-10-131-1/+1
|
* Now that file objects are subclassable, you can get at the file constructorTim Peters2001-09-131-2/+2
| | | | | | just by doing type(f) where f is any file object. This left a hole in restricted execution mode that rexec.py can't plug by itself (although it can plug part of it; the rest is plugged in fileobject.c now).
* Remove redundant import (PyChecker).Guido van Rossum2001-08-131-2/+4
| | | | Update greeting message to avoid the long copyright notice.
* Remove make_re() function; this is no longer needed since _sre and pcreFred Drake2001-08-071-10/+0
| | | | | | | are now allowed by ok_builtin_modules. This effectively backs out revision 1.26. This closes SF bug #448546.
* Add sha and _sre to the list of allowed built-in modules.Fred Drake2001-06-221-1/+1
|
* Fix SF bug #433904 (Alex Martelli) - all s_* methods return None only.Guido van Rossum2001-06-181-6/+7
|
* bunch more __all__ listsSkip Montanaro2001-02-151-0/+1
| | | | | | also modified check_all function to suppress all warnings since they aren't relevant to what this test is doing (allows quiet checking of regsub, for instance)
* Whitespace normalization.Tim Peters2001-01-151-11/+11
|
* Add support for "import re" -- it uses pre, but user code does not needFred Drake2000-10-051-0/+10
| | | | to.
* Get rid of the classes RModuleLoader and RModuleImporter -- these wereGuido van Rossum1998-09-211-16/+3
| | | | | only there to override reload() in a way that doesn't make a whole lot of sense and moreover broke since the latest changes in ihooks.
* (1) Added a sys.exc_info() emulation. (It returns None for the traceback.)Guido van Rossum1998-07-091-15/+57
| | | | | | | (2) Made the test script a bit fancier -- you can now use it to run arbitrary scripts in restricted mode, and it will do the right thing. (The interactive mode is still pretty lame; should integrate this with code.interact().)
* For completeness, add a dummy load_package() method to RHooks. ItGuido van Rossum1998-06-291-0/+1
| | | | | should never be called, so this isn't really needed, but this signifies that rexec now supports packages -- because ihooks does.
* Add the __doc__ string from the original module on copy_none().Guido van Rossum1998-06-091-1/+3
|
* A few lines were indented using tabs instead of spaces -- fix them.Guido van Rossum1998-03-261-178/+178
|
* Add pcre to the list of safe modules.Guido van Rossum1997-10-221-1/+1
|
* Alas, I have to restore 'marshal', since it is needed by the newGuido van Rossum1997-04-251-2/+1
| | | | | cPickle-compatible pickle, and pickle must be importable in restricted mode. I guess I'll have to make marshal safe.
* Removed 'marshal' from the list of "ok" built-in functions -- theGuido van Rossum1997-03-211-1/+1
| | | | | | unmarshalling code is actually rather naive and can easily be caused to crash by feeding it invalid data. This should be fixed in the marshal module, but I don't have the time to fix it now :-(
* Make sure ok_builtin_modules, ok_dynamic_modules andGuido van Rossum1996-12-121-4/+4
| | | | builtin_module_names are always tuples.
* Don't mix stdout/stderr.Guido van Rossum1996-10-021-2/+2
|
* Don't die if an ok file method (e.g. fileno) doesn't exist.Guido van Rossum1996-09-301-1/+1
|
* 1. Correct typo in FileWrapper.close() (fix by AMK).Guido van Rossum1996-09-251-6/+10
| | | | | 2. New trusted built-in modules cmath, errno, operator, parser. 3. Corrected bogus s_apply() -- the new one actually works (reported by AMK).
* delattr() can raise AttributeError, not KeyError.Guido van Rossum1996-08-201-2/+2
| | | | Use keyword arg to set verbose flag in test func.
* Fixed restore_files(); added reset_files(); made these more flexible.Guido van Rossum1996-06-281-8/+31
|
* fix typo in load_dynamicGuido van Rossum1996-05-281-1/+1
|
* Fix some obsolete names comments.Guido van Rossum1996-05-281-12/+53
| | | | | | | | | | | | | Change RHooks() interface to not require a 'rexec' instance argument; added set_rexec() method instead (which must be called by the RExec instance using this RHooks instance). Support dynamic loading of modules, at least for those modules that are ok built-in modules. Added new interfaces set_trusted_path() and load_dynamic() to RExec class (the default trusted path consists of all absolute pathnames in sys.path). Change copy_except() to actually try to delete the exceptions.
* make sure the path ends in a slash in reload()Guido van Rossum1995-08-111-1/+1
|
* fix reload use of __filename__Guido van Rossum1995-08-101-1/+2
|
* add module binascii; add r_unload/s_unload; don't change 'rb' to 'r' in openGuido van Rossum1995-08-091-2/+9
|
* added sys.std files, read-only open, reloadGuido van Rossum1995-08-071-3/+104
|
* new package support, import hooks, restricted execution supportGuido van Rossum1995-08-041-164/+197
|
* use imp.new_module(), not new.module(); and /usr/localGuido van Rossum1995-06-221-4/+4
|
* allow safe_import to be called with up to 4 args and check for . in nameGuido van Rossum1995-03-021-1/+3
|
* evolutionGuido van Rossum1995-01-171-16/+4
|
* new filesGuido van Rossum1995-01-121-0/+184
generated by cgit v0.12 at 2024-11-14 08:53:34 (GMT)