[OpenSPARC-T2-DV] / tools / src / nas,5.n2.os.2 / lib / python / html / python / lib / rexec-extension.html

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<link rel="STYLESHEET" href="lib.css" type='text/css' />
<link rel="SHORTCUT ICON" href="../icons/pyfav.png" type="image/png" />
<link rel='start' href='../index.html' title='Python Documentation Index' />
<link rel="first" href="lib.html" title='Python Library Reference' />
<link rel='contents' href='contents.html' title="Contents" />
<link rel='index' href='genindex.html' title='Index' />
<link rel='last' href='about.html' title='About this document...' />
<link rel='help' href='about.html' title='About this document...' />
<link rel="next" href="node763.html" />
<link rel="prev" href="rexec-objects.html" />
<link rel="parent" href="module-rexec.html" />
<link rel="next" href="node763.html" />
<meta name='aesop' content='information' />
<title>17.1.2 Defining restricted environments </title>
</head>
<body>
<DIV CLASS="navigation">
<div id='top-navigation-panel' xml:id='top-navigation-panel'>
<table align="center" width="100%" cellpadding="0" cellspacing="2">
<tr>
<td class='online-navigation'><a rel="prev" title="17.1.1 RExec Objects"
  href="rexec-objects.html"><img src='../icons/previous.png'
  border='0' height='32'  alt='Previous Page' width='32' /></A></td>
<td class='online-navigation'><a rel="parent" title="17.1 rexec  "
  href="module-rexec.html"><img src='../icons/up.png'
  border='0' height='32'  alt='Up One Level' width='32' /></A></td>
<td class='online-navigation'><a rel="next" title="17.1.3 An example"
  href="node763.html"><img src='../icons/next.png'
  border='0' height='32'  alt='Next Page' width='32' /></A></td>
<td align="center" width="100%">Python Library Reference</td>
<td class='online-navigation'><a rel="contents" title="Table of Contents"
  href="contents.html"><img src='../icons/contents.png'
  border='0' height='32'  alt='Contents' width='32' /></A></td>
<td class='online-navigation'><a href="modindex.html" title="Module Index"><img src='../icons/modules.png'
  border='0' height='32'  alt='Module Index' width='32' /></a></td>
<td class='online-navigation'><a rel="index" title="Index"
  href="genindex.html"><img src='../icons/index.png'
  border='0' height='32'  alt='Index' width='32' /></A></td>
</tr></table>
<div class='online-navigation'>
<b class="navlabel">Previous:</b>
<a class="sectref" rel="prev" href="rexec-objects.html">17.1.1 RExec Objects</A>
<b class="navlabel">Up:</b>
<a class="sectref" rel="parent" href="module-rexec.html">17.1 rexec  </A>
<b class="navlabel">Next:</b>
<a class="sectref" rel="next" href="node763.html">17.1.3 An example</A>
</div>
<hr /></div>
</DIV>
<!--End of Navigation Panel-->

<H2><A NAME="SECTION0019120000000000000000"></A><A NAME="rexec-extension"></A>
<BR>
17.1.2 Defining restricted environments 
</H2>

<P>
The <tt class="class">RExec</tt> class has the following class attributes, which are
used by the <tt class="method">__init__()</tt> method.  Changing them on an existing
instance won't have any effect; instead, create a subclass of
<tt class="class">RExec</tt> and assign them new values in the class definition.
Instances of the new class will then use those new values.  All these
attributes are tuples of strings.

<P>
<dl><dt><b><tt id='l2h-4927' xml:id='l2h-4927' class="member">nok_builtin_names</tt></b></dt>
<dd>
Contains the names of built-in functions which will <em>not</em> be
available to programs running in the restricted environment.  The
value for <tt class="class">RExec</tt> is <code>('open', 'reload', '__import__')</code>.
(This gives the exceptions, because by far the majority of built-in
functions are harmless.  A subclass that wants to override this
variable should probably start with the value from the base class and
concatenate additional forbidden functions -- when new dangerous
built-in functions are added to Python, they will also be added to
this module.)
</dl>

<P>
<dl><dt><b><tt id='l2h-4928' xml:id='l2h-4928' class="member">ok_builtin_modules</tt></b></dt>
<dd>
Contains the names of built-in modules which can be safely imported.
The value for <tt class="class">RExec</tt> is <code>('audioop', 'array', 'binascii',
'cmath', 'errno', 'imageop', 'marshal', 'math', 'md5', 'operator',
'parser', 'regex', 'select', 'sha', '_sre', 'strop',
'struct', 'time')</code>.  A similar remark about overriding this variable
applies -- use the value from the base class as a starting point.
</dl>

<P>
<dl><dt><b><tt id='l2h-4929' xml:id='l2h-4929' class="member">ok_path</tt></b></dt>
<dd>
Contains the directories which will be searched when an <tt class="keyword">import</tt>
is performed in the restricted environment.  
The value for <tt class="class">RExec</tt> is the same as <code>sys.path</code> (at the time
the module is loaded) for unrestricted code.
</dl>

<P>
<dl><dt><b><tt id='l2h-4930' xml:id='l2h-4930' class="member">ok_posix_names</tt></b></dt>
<dd>
Contains the names of the functions in the <tt class="module"><a href="module-os.html">os</a></tt> module which will be
available to programs running in the restricted environment.  The
value for <tt class="class">RExec</tt> is <code>('error', 'fstat', 'listdir',
'lstat', 'readlink', 'stat', 'times', 'uname', 'getpid', 'getppid',
'getcwd', 'getuid', 'getgid', 'geteuid', 'getegid')</code>.
</dl>

<P>
<dl><dt><b><tt id='l2h-4931' xml:id='l2h-4931' class="member">ok_sys_names</tt></b></dt>
<dd>
Contains the names of the functions and variables in the <tt class="module"><a href="module-sys.html">sys</a></tt>
module which will be available to programs running in the restricted
environment.  The value for <tt class="class">RExec</tt> is <code>('ps1', 'ps2',
'copyright', 'version', 'platform', 'exit', 'maxint')</code>.
</dl>

<P>
<dl><dt><b><tt id='l2h-4932' xml:id='l2h-4932' class="member">ok_file_types</tt></b></dt>
<dd>
Contains the file types from which modules are allowed to be loaded.
Each file type is an integer constant defined in the <tt class="module"><a href="module-imp.html">imp</a></tt> module.
The meaningful values are <tt class="constant">PY_SOURCE</tt>, <tt class="constant">PY_COMPILED</tt>, and
<tt class="constant">C_EXTENSION</tt>.  The value for <tt class="class">RExec</tt> is <code>(C_EXTENSION,
PY_SOURCE)</code>.  Adding <tt class="constant">PY_COMPILED</tt> in subclasses is not recommended;
an attacker could exit the restricted execution mode by putting a forged
byte-compiled file (<span class="file">.pyc</span>) anywhere in your file system, for example
by writing it to <span class="file">/tmp</span> or uploading it to the <span class="file">/incoming</span>
directory of your public FTP server.
</dl>

<P>

<DIV CLASS="navigation">
<div class='online-navigation'>
<p></p><hr />
<table align="center" width="100%" cellpadding="0" cellspacing="2">
<tr>
<td class='online-navigation'><a rel="prev" title="17.1.1 RExec Objects"
  href="rexec-objects.html"><img src='../icons/previous.png'
  border='0' height='32'  alt='Previous Page' width='32' /></A></td>
<td class='online-navigation'><a rel="parent" title="17.1 rexec  "
  href="module-rexec.html"><img src='../icons/up.png'
  border='0' height='32'  alt='Up One Level' width='32' /></A></td>
<td class='online-navigation'><a rel="next" title="17.1.3 An example"
  href="node763.html"><img src='../icons/next.png'
  border='0' height='32'  alt='Next Page' width='32' /></A></td>
<td align="center" width="100%">Python Library Reference</td>
<td class='online-navigation'><a rel="contents" title="Table of Contents"
  href="contents.html"><img src='../icons/contents.png'
  border='0' height='32'  alt='Contents' width='32' /></A></td>
<td class='online-navigation'><a href="modindex.html" title="Module Index"><img src='../icons/modules.png'
  border='0' height='32'  alt='Module Index' width='32' /></a></td>
<td class='online-navigation'><a rel="index" title="Index"
  href="genindex.html"><img src='../icons/index.png'
  border='0' height='32'  alt='Index' width='32' /></A></td>
</tr></table>
<div class='online-navigation'>
<b class="navlabel">Previous:</b>
<a class="sectref" rel="prev" href="rexec-objects.html">17.1.1 RExec Objects</A>
<b class="navlabel">Up:</b>
<a class="sectref" rel="parent" href="module-rexec.html">17.1 rexec  </A>
<b class="navlabel">Next:</b>
<a class="sectref" rel="next" href="node763.html">17.1.3 An example</A>
</div>
</div>
<hr />
<span class="release-info">Release 2.4.2, documentation updated on 28 September 2005.</span>
</DIV>
<!--End of Navigation Panel-->
<ADDRESS>
See <i><a href="about.html">About this document...</a></i> for information on suggesting changes.
</ADDRESS>
</BODY>
</HTML>
Commit	Line	Data
86530b38 AT	1	<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
	2	<html>
	3	<head>
	4	<link rel="STYLESHEET" href="lib.css" type='text/css' />
	5	<link rel="SHORTCUT ICON" href="../icons/pyfav.png" type="image/png" />
	6	<link rel='start' href='../index.html' title='Python Documentation Index' />
	7	<link rel="first" href="lib.html" title='Python Library Reference' />
	8	<link rel='contents' href='contents.html' title="Contents" />
	9	<link rel='index' href='genindex.html' title='Index' />
	10	<link rel='last' href='about.html' title='About this document...' />
	11	<link rel='help' href='about.html' title='About this document...' />
	12	<link rel="next" href="node763.html" />
	13	<link rel="prev" href="rexec-objects.html" />
	14	<link rel="parent" href="module-rexec.html" />
	15	<link rel="next" href="node763.html" />
	16	<meta name='aesop' content='information' />
	17	<title>17.1.2 Defining restricted environments </title>
	18	</head>
	19	<body>
	20	<DIV CLASS="navigation">
	21	<div id='top-navigation-panel' xml:id='top-navigation-panel'>
	22	<table align="center" width="100%" cellpadding="0" cellspacing="2">
	23	<tr>
	24	<td class='online-navigation'><a rel="prev" title="17.1.1 RExec Objects"
	25	href="rexec-objects.html"><img src='../icons/previous.png'
	26	border='0' height='32' alt='Previous Page' width='32' /></A></td>
	27	<td class='online-navigation'><a rel="parent" title="17.1 rexec "
	28	href="module-rexec.html"><img src='../icons/up.png'
	29	border='0' height='32' alt='Up One Level' width='32' /></A></td>
	30	<td class='online-navigation'><a rel="next" title="17.1.3 An example"
	31	href="node763.html"><img src='../icons/next.png'
	32	border='0' height='32' alt='Next Page' width='32' /></A></td>
	33	<td align="center" width="100%">Python Library Reference</td>
	34	<td class='online-navigation'><a rel="contents" title="Table of Contents"
	35	href="contents.html"><img src='../icons/contents.png'
	36	border='0' height='32' alt='Contents' width='32' /></A></td>
	37	<td class='online-navigation'><a href="modindex.html" title="Module Index"><img src='../icons/modules.png'
	38	border='0' height='32' alt='Module Index' width='32' /></a></td>
	39	<td class='online-navigation'><a rel="index" title="Index"
	40	href="genindex.html"><img src='../icons/index.png'
	41	border='0' height='32' alt='Index' width='32' /></A></td>
	42	</tr></table>
	43	<div class='online-navigation'>
	44	<b class="navlabel">Previous:</b>
	45	<a class="sectref" rel="prev" href="rexec-objects.html">17.1.1 RExec Objects</A>
	46	<b class="navlabel">Up:</b>
	47	<a class="sectref" rel="parent" href="module-rexec.html">17.1 rexec </A>
	48	<b class="navlabel">Next:</b>
	49	<a class="sectref" rel="next" href="node763.html">17.1.3 An example</A>
	50	</div>
	51	<hr /></div>
	52	</DIV>
	53	<!--End of Navigation Panel-->
	54
	55	<H2><A NAME="SECTION0019120000000000000000"></A><A NAME="rexec-extension"></A>
	56	<BR>
	57	17.1.2 Defining restricted environments
	58	</H2>
	59
	60	<P>
	61	The <tt class="class">RExec</tt> class has the following class attributes, which are
	62	used by the <tt class="method">__init__()</tt> method. Changing them on an existing
	63	instance won't have any effect; instead, create a subclass of
	64	<tt class="class">RExec</tt> and assign them new values in the class definition.
65	Instances of the new class will then use those new values. All these
66	attributes are tuples of strings.
67
68	<P>
69	<dl><dt><b><tt id='l2h-4927' xml:id='l2h-4927' class="member">nok_builtin_names</tt></b></dt>
70	<dd>
71	Contains the names of built-in functions which will <em>not</em> be
72	available to programs running in the restricted environment. The
73	value for <tt class="class">RExec</tt> is <code>('open', 'reload', '__import__')</code>.
74	(This gives the exceptions, because by far the majority of built-in
75	functions are harmless. A subclass that wants to override this
76	variable should probably start with the value from the base class and
77	concatenate additional forbidden functions -- when new dangerous
78	built-in functions are added to Python, they will also be added to
79	this module.)
80	</dl>
81
82	<P>
83	<dl><dt><b><tt id='l2h-4928' xml:id='l2h-4928' class="member">ok_builtin_modules</tt></b></dt>
84	<dd>
85	Contains the names of built-in modules which can be safely imported.
86	The value for <tt class="class">RExec</tt> is <code>('audioop', 'array', 'binascii',
87	'cmath', 'errno', 'imageop', 'marshal', 'math', 'md5', 'operator',
88	'parser', 'regex', 'select', 'sha', '_sre', 'strop',
89	'struct', 'time')</code>. A similar remark about overriding this variable
90	applies -- use the value from the base class as a starting point.
91	</dl>
92
93	<P>
94	<dl><dt><b><tt id='l2h-4929' xml:id='l2h-4929' class="member">ok_path</tt></b></dt>
95	<dd>
96	Contains the directories which will be searched when an <tt class="keyword">import</tt>
97	is performed in the restricted environment.
98	The value for <tt class="class">RExec</tt> is the same as <code>sys.path</code> (at the time
99	the module is loaded) for unrestricted code.
100	</dl>
101
102	<P>
103	<dl><dt><b><tt id='l2h-4930' xml:id='l2h-4930' class="member">ok_posix_names</tt></b></dt>
104	<dd>
105	Contains the names of the functions in the <tt class="module"><a href="module-os.html">os</a></tt> module which will be
106	available to programs running in the restricted environment. The
107	value for <tt class="class">RExec</tt> is <code>('error', 'fstat', 'listdir',
108	'lstat', 'readlink', 'stat', 'times', 'uname', 'getpid', 'getppid',
109	'getcwd', 'getuid', 'getgid', 'geteuid', 'getegid')</code>.
110	</dl>
111
112	<P>
113	<dl><dt><b><tt id='l2h-4931' xml:id='l2h-4931' class="member">ok_sys_names</tt></b></dt>
114	<dd>
115	Contains the names of the functions and variables in the <tt class="module"><a href="module-sys.html">sys</a></tt>
116	module which will be available to programs running in the restricted
117	environment. The value for <tt class="class">RExec</tt> is <code>('ps1', 'ps2',
118	'copyright', 'version', 'platform', 'exit', 'maxint')</code>.
119	</dl>
120
121	<P>
122	<dl><dt><b><tt id='l2h-4932' xml:id='l2h-4932' class="member">ok_file_types</tt></b></dt>
123	<dd>
124	Contains the file types from which modules are allowed to be loaded.
125	Each file type is an integer constant defined in the <tt class="module"><a href="module-imp.html">imp</a></tt> module.
126	The meaningful values are <tt class="constant">PY_SOURCE</tt>, <tt class="constant">PY_COMPILED</tt>, and
127	<tt class="constant">C_EXTENSION</tt>. The value for <tt class="class">RExec</tt> is <code>(C_EXTENSION,
128	PY_SOURCE)</code>. Adding <tt class="constant">PY_COMPILED</tt> in subclasses is not recommended;
129	an attacker could exit the restricted execution mode by putting a forged
130	byte-compiled file (<span class="file">.pyc</span>) anywhere in your file system, for example
131	by writing it to <span class="file">/tmp</span> or uploading it to the <span class="file">/incoming</span>
132	directory of your public FTP server.
133	</dl>
134
135	<P>
136
137	<DIV CLASS="navigation">
138	<div class='online-navigation'>
139	<p></p><hr />
140	<table align="center" width="100%" cellpadding="0" cellspacing="2">
141	<tr>
142	<td class='online-navigation'><a rel="prev" title="17.1.1 RExec Objects"
143	href="rexec-objects.html"><img src='../icons/previous.png'
144	border='0' height='32' alt='Previous Page' width='32' /></A></td>
145	<td class='online-navigation'><a rel="parent" title="17.1 rexec "
146	href="module-rexec.html"><img src='../icons/up.png'
147	border='0' height='32' alt='Up One Level' width='32' /></A></td>
148	<td class='online-navigation'><a rel="next" title="17.1.3 An example"
149	href="node763.html"><img src='../icons/next.png'
150	border='0' height='32' alt='Next Page' width='32' /></A></td>
151	<td align="center" width="100%">Python Library Reference</td>
152	<td class='online-navigation'><a rel="contents" title="Table of Contents"
153	href="contents.html"><img src='../icons/contents.png'
154	border='0' height='32' alt='Contents' width='32' /></A></td>
155	<td class='online-navigation'><a href="modindex.html" title="Module Index"><img src='../icons/modules.png'
156	border='0' height='32' alt='Module Index' width='32' /></a></td>
157	<td class='online-navigation'><a rel="index" title="Index"
158	href="genindex.html"><img src='../icons/index.png'
159	border='0' height='32' alt='Index' width='32' /></A></td>
160	</tr></table>
161	<div class='online-navigation'>
162	<b class="navlabel">Previous:</b>
163	<a class="sectref" rel="prev" href="rexec-objects.html">17.1.1 RExec Objects</A>
164	<b class="navlabel">Up:</b>
165	<a class="sectref" rel="parent" href="module-rexec.html">17.1 rexec </A>
166	<b class="navlabel">Next:</b>
167	<a class="sectref" rel="next" href="node763.html">17.1.3 An example</A>
168	</div>
169	</div>
170	<hr />
171	<span class="release-info">Release 2.4.2, documentation updated on 28 September 2005.</span>
172	</DIV>
173	<!--End of Navigation Panel-->
174	<ADDRESS>
175	See <i><a href="about.html">About this document...</a></i> for information on suggesting changes.
176	</ADDRESS>
177	</BODY>
178	</HTML>