Commit | Line | Data |
---|---|---|
920dae64 AT |
1 | <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> |
2 | <html> | |
3 | <head> | |
4 | <link rel="STYLESHEET" href="lib.css" type='text/css' /> | |
5 | <link rel="SHORTCUT ICON" href="../icons/pyfav.png" type="image/png" /> | |
6 | <link rel='start' href='../index.html' title='Python Documentation Index' /> | |
7 | <link rel="first" href="lib.html" title='Python Library Reference' /> | |
8 | <link rel='contents' href='contents.html' title="Contents" /> | |
9 | <link rel='index' href='genindex.html' title='Index' /> | |
10 | <link rel='last' href='about.html' title='About this document...' /> | |
11 | <link rel='help' href='about.html' title='About this document...' /> | |
12 | <link rel="prev" href="rexec-extension.html" /> | |
13 | <link rel="parent" href="module-rexec.html" /> | |
14 | <link rel="next" href="module-Bastion.html" /> | |
15 | <meta name='aesop' content='information' /> | |
16 | <title>17.1.3 An example</title> | |
17 | </head> | |
18 | <body> | |
19 | <DIV CLASS="navigation"> | |
20 | <div id='top-navigation-panel' xml:id='top-navigation-panel'> | |
21 | <table align="center" width="100%" cellpadding="0" cellspacing="2"> | |
22 | <tr> | |
23 | <td class='online-navigation'><a rel="prev" title="17.1.2 Defining restricted environments" | |
24 | href="rexec-extension.html"><img src='../icons/previous.png' | |
25 | border='0' height='32' alt='Previous Page' width='32' /></A></td> | |
26 | <td class='online-navigation'><a rel="parent" title="17.1 rexec " | |
27 | href="module-rexec.html"><img src='../icons/up.png' | |
28 | border='0' height='32' alt='Up One Level' width='32' /></A></td> | |
29 | <td class='online-navigation'><a rel="next" title="17.2 Bastion " | |
30 | href="module-Bastion.html"><img src='../icons/next.png' | |
31 | border='0' height='32' alt='Next Page' width='32' /></A></td> | |
32 | <td align="center" width="100%">Python Library Reference</td> | |
33 | <td class='online-navigation'><a rel="contents" title="Table of Contents" | |
34 | href="contents.html"><img src='../icons/contents.png' | |
35 | border='0' height='32' alt='Contents' width='32' /></A></td> | |
36 | <td class='online-navigation'><a href="modindex.html" title="Module Index"><img src='../icons/modules.png' | |
37 | border='0' height='32' alt='Module Index' width='32' /></a></td> | |
38 | <td class='online-navigation'><a rel="index" title="Index" | |
39 | href="genindex.html"><img src='../icons/index.png' | |
40 | border='0' height='32' alt='Index' width='32' /></A></td> | |
41 | </tr></table> | |
42 | <div class='online-navigation'> | |
43 | <b class="navlabel">Previous:</b> | |
44 | <a class="sectref" rel="prev" href="rexec-extension.html">17.1.2 Defining restricted environments</A> | |
45 | <b class="navlabel">Up:</b> | |
46 | <a class="sectref" rel="parent" href="module-rexec.html">17.1 rexec </A> | |
47 | <b class="navlabel">Next:</b> | |
48 | <a class="sectref" rel="next" href="module-Bastion.html">17.2 Bastion </A> | |
49 | </div> | |
50 | <hr /></div> | |
51 | </DIV> | |
52 | <!--End of Navigation Panel--> | |
53 | ||
54 | <H2><A NAME="SECTION0019130000000000000000"> | |
55 | 17.1.3 An example</A> | |
56 | </H2> | |
57 | ||
58 | <P> | |
59 | Let us say that we want a slightly more relaxed policy than the | |
60 | standard <tt class="class">RExec</tt> class. For example, if we're willing to allow | |
61 | files in <span class="file">/tmp</span> to be written, we can subclass the <tt class="class">RExec</tt> | |
62 | class: | |
63 | ||
64 | <P> | |
65 | <div class="verbatim"><pre> | |
# Subclass of rexec.RExec whose r_open() also accepts write and append
# modes, but only for names that begin with /tmp/.
# The listing uses the rexec and string modules; their imports are not
# shown here.
class TmpWriterRExec(rexec.RExec):
    def r_open(self, file, mode='r', buf=-1):
        # Read modes fall through to open() with no filename check at all.
        if mode in ('r', 'rb'):
            pass
        elif mode in ('w', 'wb', 'a', 'ab'):
            # check filename : must begin with /tmp/
            # NOTE(review): both tests below are plain string comparisons on
            # the name as given. Nothing here resolves symbolic links, so a
            # name under /tmp/ that is a symlink is opened wherever it
            # points. /tmp is normally writable by other local users --
            # confirm whether that is acceptable for the deployment.
            if file[:5]!='/tmp/':
                raise IOError, "can't write outside /tmp"
            # Reject any '..' component rather than normalising the path.
            # file[:3] == '../' cannot be true at this point, because the
            # name is already known to start with '/tmp/'.
            elif (string.find(file, '/../') >= 0 or
                 file[:3] == '../' or file[-3:] == '/..'):
                raise IOError, "'..' in filename forbidden"
        # Any other mode string (for example 'r+' or 'w+') is refused.
        else: raise IOError, "Illegal open() mode"
        return open(file, mode, buf)
79 | </pre></div> | |
80 | Notice that the above code will occasionally forbid a perfectly valid | |
81 | filename; for example, code in the restricted environment won't be | |
82 | able to open a file called <span class="file">/tmp/foo/../bar</span>. To fix this, the | |
83 | <tt class="method">r_open()</tt> method would have to simplify the filename to | |
84 | <span class="file">/tmp/bar</span>, which would require splitting apart the filename and | |
85 | performing various operations on it. In cases where security is at | |
86 | stake, it may be preferable to write simple code which is sometimes | |
87 | overly restrictive, instead of more general code that is also more | |
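88 | complex and may harbor a subtle security hole. Note also that the checks above are purely textual: they do not resolve symbolic links, so a name under <span class="file">/tmp</span> that is a symbolic link can still refer to a file elsewhere. The rexec module itself has been disabled since Python 2.3 and should not be relied on as a security boundary; this example is mainly useful for reading old code. | |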
89 | ||
90 | <DIV CLASS="navigation"> | |
91 | <div class='online-navigation'> | |
92 | <p></p><hr /> | |
93 | <table align="center" width="100%" cellpadding="0" cellspacing="2"> | |
94 | <tr> | |
95 | <td class='online-navigation'><a rel="prev" title="17.1.2 Defining restricted environments" | |
96 | href="rexec-extension.html"><img src='../icons/previous.png' | |
97 | border='0' height='32' alt='Previous Page' width='32' /></A></td> | |
98 | <td class='online-navigation'><a rel="parent" title="17.1 rexec " | |
99 | href="module-rexec.html"><img src='../icons/up.png' | |
100 | border='0' height='32' alt='Up One Level' width='32' /></A></td> | |
101 | <td class='online-navigation'><a rel="next" title="17.2 Bastion " | |
102 | href="module-Bastion.html"><img src='../icons/next.png' | |
103 | border='0' height='32' alt='Next Page' width='32' /></A></td> | |
104 | <td align="center" width="100%">Python Library Reference</td> | |
105 | <td class='online-navigation'><a rel="contents" title="Table of Contents" | |
106 | href="contents.html"><img src='../icons/contents.png' | |
107 | border='0' height='32' alt='Contents' width='32' /></A></td> | |
108 | <td class='online-navigation'><a href="modindex.html" title="Module Index"><img src='../icons/modules.png' | |
109 | border='0' height='32' alt='Module Index' width='32' /></a></td> | |
110 | <td class='online-navigation'><a rel="index" title="Index" | |
111 | href="genindex.html"><img src='../icons/index.png' | |
112 | border='0' height='32' alt='Index' width='32' /></A></td> | |
113 | </tr></table> | |
114 | <div class='online-navigation'> | |
115 | <b class="navlabel">Previous:</b> | |
116 | <a class="sectref" rel="prev" href="rexec-extension.html">17.1.2 Defining restricted environments</A> | |
117 | <b class="navlabel">Up:</b> | |
118 | <a class="sectref" rel="parent" href="module-rexec.html">17.1 rexec </A> | |
119 | <b class="navlabel">Next:</b> | |
120 | <a class="sectref" rel="next" href="module-Bastion.html">17.2 Bastion </A> | |
121 | </div> | |
122 | </div> | |
123 | <hr /> | |
124 | <span class="release-info">Release 2.4.2, documentation updated on 28 September 2005.</span> | |
125 | </DIV> | |
126 | <!--End of Navigation Panel--> | |
127 | <ADDRESS> | |
128 | See <i><a href="about.html">About this document...</a></i> for information on suggesting changes. | |
129 | </ADDRESS> | |
130 | </BODY> | |
131 | </HTML> |