The RExec class has the following class attributes, which are used by the __init__() method. Changing them on an existing instance won't have any effect; instead, create a subclass of RExec and assign them new values in the class definition. Instances of the new class will then use those new values. All these attributes are tuples of strings.
('open', 'reload', '__import__')
.
(This gives the exceptions, because by far the majority of built-in
functions are harmless. A subclass that wants to override this
variable should probably start with the value from the base class and
concatenate additional forbidden functions -- when new dangerous
built-in functions are added to Python, they will also be added to
this module.)
('audioop', 'array', 'binascii',
'cmath', 'errno', 'imageop', 'marshal', 'math', 'md5', 'operator',
'parser', 'regex', 'select', 'sha', '_sre', 'strop',
'struct', 'time')
. A similar remark about overriding this variable
applies -- use the value from the base class as a starting point.
sys.path
(at the time
the module is loaded) for unrestricted code.
('error', 'fstat', 'listdir',
'lstat', 'readlink', 'stat', 'times', 'uname', 'getpid', 'getppid',
'getcwd', 'getuid', 'getgid', 'geteuid', 'getegid')
.
('ps1', 'ps2',
'copyright', 'version', 'platform', 'exit', 'maxint')
.
(C_EXTENSION,
PY_SOURCE)
. Adding PY_COMPILED in subclasses is not recommended;
an attacker could exit the restricted execution mode by putting a forged
byte-compiled file (.pyc) anywhere in your file system, for example
by writing it to /tmp or uploading it to the /incoming
directory of your public FTP server.
See About this document... for information on suggesting changes.