Re: [pygame] Use of PyScheme for game projects

[Kamilche <klachemin@xxxxxxxxxxx>]

andrew baker wrote:
> Howdy,
>
> I've been pondering alternative methods to allowing unknown persons to 
> submit game code in my game engine, e.g. player created levels, 
> characters, monsters and items, but of course sandboxing Python code is 
> nontrivial.  I've hit upon using a Scheme interpreter in Python to 
> potentially solve this problem, with a possible variation on parsing to 
> make the Scheme code appear more Pythonic.  Has anyone had similar 
> success or failure or a better understanding of Scheme than me who 
> explain why this is A) awesome or B) teh suck.
>
> And, yes, I know how daft it may seem to embed another interpreted 
> language inside an interpreted language, but I'm expecting rather small 
> Scheme patterns, and Python in its current state simply cannot be 
> sandboxed, and I think I might actually hate C++. :D

Well, you're in a similar situation to me then! Security is more 
important to me than functionality; I don't want arbitrary code to be run.

So I have a list of 'events' for an object displayed to the user, that 
they can put in function names and parameters for. In the game, I prefix 
the function names with something so they can't execute arbitrary calls; 
then execute that function, with the supplied arguments.

It's not as flexible as it could be, but it's plenty fun. I don't want 
to debug or support 'arbitrary code execution', even if it is a 
different language.