<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<title>16.1 rexec -- Restricted execution framework</title>
<META NAME="description" CONTENT="16.1 rexec -- Restricted execution framework">
<META NAME="keywords" CONTENT="lib">
<META NAME="resource-type" CONTENT="document">
<META NAME="distribution" CONTENT="global">
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link rel="STYLESHEET" href="lib.css">
<LINK REL="next" href="module-Bastion.html">
<LINK REL="previous" href="restricted.html">
<LINK REL="up" href="restricted.html">
<LINK REL="next" HREF="node366.html">
</head>
<body>
<H1><A NAME="SECTION0018100000000000000000">
16.1 <tt class="module">rexec</tt> --
Restricted execution framework</A>
</H1>
<P>
<P>
This module contains the <tt class="class">RExec</tt> class, which supports
<tt class="method">r_eval()</tt>, <tt class="method">r_execfile()</tt>, <tt class="method">r_exec()</tt>, and
<tt class="method">r_import()</tt> methods, which are restricted versions of the standard
Python functions <tt class="method">eval()</tt>, <tt class="method">execfile()</tt> and
the <tt class="keyword">exec</tt> and <tt class="keyword">import</tt> statements.
Code executed in this restricted environment will
only have access to modules and functions that are deemed safe; you
can subclass <tt class="class">RExec</tt> to add or remove capabilities as desired.
<P>
<i>Note:</i> The <tt class="class">RExec</tt> class can prevent code from performing
unsafe operations like reading or writing disk files, or using TCP/IP
sockets. However, it does not protect against code using extremely
large amounts of memory or CPU time.
<P>
<dl><dt><b><a name='l2h-2988'><tt class='class'>RExec</tt></a></b> (<big>[</big><var>hooks</var><big>[</big><var>, verbose</var><big>]</big><big>]</big>)
<dd>
Returns an instance of the <tt class="class">RExec</tt> class.
<P>
<var>hooks</var> is an instance of the <tt class="class">RHooks</tt> class or a subclass of it.
If it is omitted or <code>None</code>, the default <tt class="class">RHooks</tt> class is
instantiated.
Whenever the <tt class="module">rexec</tt> module searches for a module (even a
built-in one) or reads a module's code, it doesn't actually go out to
the file system itself. Rather, it calls methods of an <tt class="class">RHooks</tt>
instance that was passed to or created by its constructor. (Actually,
the <tt class="class">RExec</tt> object doesn't make these calls -- they are made by
a module loader object that's part of the <tt class="class">RExec</tt> object. This
allows another level of flexibility, e.g. using packages.)
<P>
By providing an alternate <tt class="class">RHooks</tt> object, we can control the
file system accesses made to import a module, without changing the
actual algorithm that controls the order in which those accesses are
made. For instance, we could substitute an <tt class="class">RHooks</tt> object that
passes all filesystem requests to a file server elsewhere, via some
RPC mechanism such as ILU. Grail's applet loader uses this to support
importing applets from a URL for a directory.
<P>
If <var>verbose</var> is true, additional debugging output may be sent to
standard output.
</dl>
<P>
The <tt class="class">RExec</tt> class has the following class attributes, which are
used by the <tt class="method">__init__()</tt> method. Changing them on an existing
instance won't have any effect; instead, create a subclass of
<tt class="class">RExec</tt> and assign them new values in the class definition.
Instances of the new class will then use those new values. All these
attributes are tuples of strings.
<P>
<dl><dt><b><a name='l2h-2989'><tt class='member'>nok_builtin_names</tt></a></b>
<dd>
Contains the names of built-in functions which will <i>not</i> be
available to programs running in the restricted environment. The
value for <tt class="class">RExec</tt> is <code>('open',</code> <code>'reload',</code>
<code>'__import__')</code>. (This gives the exceptions, because by far the
majority of built-in functions are harmless. A subclass that wants to
override this variable should probably start with the value from the
base class and concatenate additional forbidden functions -- when new
dangerous built-in functions are added to Python, they will also be
added to this module.)
</dl>
<P>
<dl><dt><b><a name='l2h-2990'><tt class='member'>ok_builtin_modules</tt></a></b>
<dd>
Contains the names of built-in modules which can be safely imported.
The value for <tt class="class">RExec</tt> is <code>('audioop',</code> <code>'array',</code>
<code>'binascii',</code> <code>'cmath',</code> <code>'errno',</code> <code>'imageop',</code>
<code>'marshal',</code> <code>'math',</code> <code>'md5',</code> <code>'operator',</code>
<code>'parser',</code> <code>'regex',</code> <code>'rotor',</code> <code>'select',</code>
<code>'strop',</code> <code>'struct',</code> <code>'time')</code>. A similar remark
about overriding this variable applies -- use the value from the base
class as a starting point.
</dl>
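<P>
An added example, not part of the original reference and not the <tt class="module">rexec</tt> source: a Python 3 model (<tt class="module">rexec</tt> is a Python 2 module and is absent from Python 3) of how the class attributes above are consumed once by <tt class="method">__init__()</tt>, with a denylist for built-ins and an allowlist for modules. <code>MiniRExec</code>, <code>NoCompileRExec</code> and <code>allowed()</code> are hypothetical names; the model illustrates the configuration pattern only and is not a security boundary.

```python
import builtins


class MiniRExec:
    """Toy model of the RExec configuration pattern (hypothetical, not rexec)."""

    # Denylist of built-ins: the base value given on this page.
    nok_builtin_names = ('open', 'reload', '__import__')
    # Allowlist of modules: entries from the page's list that exist in Python 3.
    ok_builtin_modules = ('array', 'binascii', 'cmath', 'errno', 'math',
                          'operator', 'struct', 'time')

    def __init__(self):
        # The class attributes are read once, here; later changes are not seen.
        self._modules = frozenset(self.ok_builtin_modules)
        self._builtins = {name: getattr(builtins, name)
                          for name in dir(builtins)
                          if name not in self.nok_builtin_names}
        # Imports made by restricted code go through the allowlist check.
        self._builtins['__import__'] = self.r_import

    def r_import(self, name, globals=None, locals=None, fromlist=(), level=0):
        if level != 0 or name.partition('.')[0] not in self._modules:
            raise ImportError('import of %r is not allowed' % name)
        return __import__(name, globals, locals, fromlist, level)

    def r_eval(self, source):
        return eval(source, {'__builtins__': self._builtins})

    def r_exec(self, source):
        namespace = {'__builtins__': self._builtins}
        exec(source, namespace)
        return namespace


class NoCompileRExec(MiniRExec):
    # Start from the base value and concatenate, as the page recommends.
    nok_builtin_names = MiniRExec.nok_builtin_names + ('compile', 'eval', 'exec')


def allowed(env, source):
    """True if `source` evaluates in `env`; False if a name or import is blocked."""
    try:
        env.r_eval(source)
        return True
    except (NameError, ImportError):
        return False
```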
<P>
<dl><dt><b><a name='l2h-2991'><tt class='member'>ok_path</tt></a></b>
<dd>
Contains the directories which will be searched when an <tt class="keyword">import</tt>
is performed in the restricted environment.
The value for <tt class="class">RExec</tt> is the same as <code>sys.path</code> (at the time
the module is loaded) for unrestricted code.
</dl>
<P>
<dl><dt><b><a name='l2h-2992'><tt class='member'>ok_posix_names</tt></a></b>
<dd>
Contains the names of the functions in the <tt class='module'><a href="module-os.html">os</a></tt> module which will be
available to programs running in the restricted environment. The
value for <tt class="class">RExec</tt> is <code>('error',</code> <code>'fstat',</code>
<code>'listdir',</code> <code>'lstat',</code> <code>'readlink',</code> <code>'stat',</code>
<code>'times',</code> <code>'uname',</code> <code>'getpid',</code> <code>'getppid',</code>
<code>'getcwd',</code> <code>'getuid',</code> <code>'getgid',</code> <code>'geteuid',</code>
<code>'getegid')</code>.
</dl>
<P>
<dl><dt><b><a name='l2h-2993'><tt class='member'>ok_sys_names</tt></a></b>
<dd>
Contains the names of the functions and variables in the <tt class='module'><a href="module-sys.html">sys</a></tt>
module which will be available to programs running in the restricted
environment. The value for <tt class="class">RExec</tt> is <code>('ps1',</code>
<code>'ps2',</code> <code>'copyright',</code> <code>'version',</code> <code>'platform',</code>
<code>'exit',</code> <code>'maxint')</code>.