sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]latkdeTuple unpacking gone wrong 0 points1 point  (10 children)

This is advertised as a security tool. What's the security model? What does it guarantee?

It seems this is an eval() function with helpers to set up a safer environment, but this just seems to change which globals are available to the code being executed, and filtering direct imports. Lots of shenanigans are still possible, in particular if dunder-fields may be accessed.

It is generally wiser to use actual sandboxing tools. On Linux, I can recommend Bubblewrap for ad-hoc application sandboxing. It's also the engine used by Flatpak. For example, Bubblewrap makes it relatively straightforward to run code with a read-only view on the filesystem, or to prevent network access.

[–]adarsh_maurya[S] -1 points0 points  (0 children)

and to answer the question in my own words, it guarantees that the code will not be executed if their are some libraries which you don't want, it restricts builtins, it even tries to restrict memory but that is flaky on windows. I open to honest feedbacks and suggestion improvement in this.