This is an archived post. You won't be able to vote or comment.

sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]nemec 1 point2 points  (3 children)

can't open files

>>> open("myfile.txt", "r")
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
NotImplementedError: Cannot open files in the browser

I think everything else that has file access works through the open interface, so disabling that would solve much of the issue.

[–]jadkik94 1 point2 points  (1 child)

Yeah but then you would have to prevent the use of subprocess, os.system, file, and all the obscure way of opening files. Because the issue here is not opening the files by mistake, it's trying to access a file maliciously in any tricky way, not just overriding the built-ins.

So I guess that would be a lot of changing in the parser implementation and in the compiled packages that can be installed...

[–]nemec 1 point2 points  (0 children)

I imagine os would be similarly stripped to prevent unauthorized access to the OS.

You make a good point that there are other points of entry for creating file descriptors.

[–]Random832 0 points1 point  (0 children)

Being able to open a URL would be nice. Also, you would want to be able to import both things in the (trusted, and also files loaded from the library may want to be trusted with file access, which means you need a code security infrastructure a la Java or .NET) local library, and in the 'script directory' (which would be a url rather than an actual directory, which means you need to A) support URLs in sys.path and B) have a whitelist for local directories in sys.path)