| 1 | <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> |
| 2 | <html> |
| 3 | <head> |
| 4 | <link rel="STYLESHEET" href="lib.css" type='text/css' /> |
| 5 | <link rel="SHORTCUT ICON" href="../icons/pyfav.png" type="image/png" /> |
| 6 | <link rel='start' href='../index.html' title='Python Documentation Index' /> |
| 7 | <link rel="first" href="lib.html" title='Python Library Reference' /> |
| 8 | <link rel='contents' href='contents.html' title="Contents" /> |
| 9 | <link rel='index' href='genindex.html' title='Index' /> |
| 10 | <link rel='last' href='about.html' title='About this document...' /> |
| 11 | <link rel='help' href='about.html' title='About this document...' /> |
| 12 | <link rel="prev" href="rexec-extension.html" /> |
| 13 | <link rel="parent" href="module-rexec.html" /> |
| 14 | <link rel="next" href="module-Bastion.html" /> |
| 15 | <meta name='aesop' content='information' /> |
| 16 | <title>17.1.3 An example</title> |
| 17 | </head> |
| 18 | <body> |
| 53 | |
| 54 | <H2><A NAME="SECTION0019130000000000000000"> |
| 55 | 17.1.3 An example</A> |
| 56 | </H2> |
| 57 | |
| 58 | <P> |
| 59 | Let us say that we want a slightly more relaxed policy than the |
| 60 | standard <tt class="class">RExec</tt> class. For example, if we're willing to allow |
| 61 | files in <span class="file">/tmp</span> to be written, we can subclass the <tt class="class">RExec</tt> |
| 62 | class: |
| 63 | |
| 64 | <P> |
| 65 | <div class="verbatim"><pre> |
class TmpWriterRExec(rexec.RExec):
    """RExec variant that additionally lets restricted code write under /tmp/.

    The snippet uses the ``rexec`` and ``string`` modules without showing
    their imports; both must already be in scope.

    NOTE(review): rexec is not part of current Python releases. Read this as
    an illustration of path-checking trade-offs, not as a sandbox to deploy.
    """
    def r_open(self, file, mode='r', buf=-1):
        """Decide whether an open() request from restricted code is allowed.

        file -- path requested by the restricted code (untrusted).
        mode -- requested open mode; only the exact strings listed below
                are accepted, so modes such as 'r+' are rejected.
        buf  -- passed through to open() unchanged.

        Returns the result of open(file, mode, buf).
        Raises IOError for a write outside /tmp/, for a '..' component in
        a write path, or for any mode not listed.

        NOTE(review): every check here is a string test on the arguments
        exactly as the restricted code supplied them. Nothing resolves
        symbolic links, so a link under /tmp/ that points elsewhere would
        pass. The tests also presume `file` and `mode` are plain strings;
        confirm that before relying on the slicing and `in` results.
        """
        if mode in ('r', 'rb'):
            # Read modes get no path check in this method: any path is
            # handed to open() as-is.
            pass
        elif mode in ('w', 'wb', 'a', 'ab'):
            # check filename : must begin with /tmp/
            if file[:5]!='/tmp/':
                raise IOError, "can't write outside /tmp"
            # Reject any '..' path component rather than trying to
            # normalise the path; this is deliberately over-strict.
            # The file[:3] == '../' test cannot match on this branch,
            # because the prefix test above already required '/tmp/'.
            elif (string.find(file, '/../') >= 0 or
                 file[:3] == '../' or file[-3:] == '/..'):
                raise IOError, "'..' in filename forbidden"
        else: raise IOError, "Illegal open() mode"
        # Reached for read modes and for write modes that passed both
        # checks above.
        return open(file, mode, buf)
| 79 | </pre></div> |
| 80 | Notice that the above code will occasionally forbid a perfectly valid |
| 81 | filename; for example, code in the restricted environment won't be |
| 82 | able to open a file called <span class="file">/tmp/foo/../bar</span>. To fix this, the |
| 83 | <tt class="method">r_open()</tt> method would have to simplify the filename to |
| 84 | <span class="file">/tmp/bar</span>, which would require splitting apart the filename and |
| 85 | performing various operations on it. In cases where security is at |
| 86 | stake, it may be preferable to write simple code which is sometimes |
| 87 | overly restrictive, instead of more general code that is also more |
| 88 | complex and may harbor a subtle security hole. |
| 89 | |
| 90 | <DIV CLASS="navigation"> |
| 124 | <span class="release-info">Release 2.4.2, documentation updated on 28 September 2005.</span> |
| 125 | </DIV> |
| 126 | <!--End of Navigation Panel--> |
| 130 | </BODY> |
| 131 | </HTML> |