--- andrew baker <failrate@xxxxxxxxx> wrote:
Howdy,
I've been pondering alternative methods to allowing
unknown persons to
submit game code in my game engine, e.g. player
created levels, characters,
monsters and items, but of course sandboxing Python
code is nontrivial.
I've hit upon using a Scheme interpreter in Python
to potentially solve this
problem, with a possible variation on parsing to
make the Scheme code appear
more Pythonic. Has anyone had similar success or
failure or a better
understanding of Scheme than me who explain why this
is A) awesome or B) teh
suck.
And, yes, I know how daft it may seem to embed
another interpreted language
inside an interpreted language, but I'm expecting
rather small Scheme
patterns, and Python in its current state simply
cannot be sandboxed, and I
think I might actually hate C++. :D
Thanks,
--
Andrew Ulysses Baker
"failrate"
Had the exact same problem. You (should) be able to
base a safe Python sub-interpreter off of this code:
http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/496746
When I tested it a little bit(haven't actually
implemented in my project) I found that I had to
disable one of the asserts to make it work as an
imported module; and I didn't actually execute the
eval with the time-out thread after it ran the tests,
but instead flagged the code as safe. This means that
I've left it open to crash programs, but in theory it
should otherwise be safe and perform about as well as
my main code.