[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [pygame] Python bots in Galcon (or your game!) safe_eval
- To: pygame-users@xxxxxxxx
- Subject: Re: [pygame] Python bots in Galcon (or your game!) safe_eval
- From: Phil Hassey <philhassey@xxxxxxxxx>
- Date: Wed, 7 Mar 2007 23:25:20 -0800 (PST)
- Delivered-to: archiver@seul.org
- Delivered-to: pygame-users-outgoing@seul.org
- Delivered-to: pygame-users@seul.org
- Delivery-date: Thu, 08 Mar 2007 02:25:29 -0500
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=X-YMail-OSG:Received:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; b=ldqgg1m81hgSLDzKPWNf8dyHqRGzusCba2UNv4MbfeOzllzQnRz0njr4ThOA5+WxlkOpgUrVM5tadx3B1TJkH6oZud5DpL3O0hxAeBqm3MHvjY0Mu6aPQ1DVmH91RDsPe1hws39PvNC9U40KS2TCtgs5FHRml3VvA9eetoyhbKI=;
- In-reply-to: <c3f69bf60703072318p403190eatd4cbeae4730fd5aa@mail.gmail.com>
- Reply-to: pygame-users@xxxxxxxx
- Sender: owner-pygame-users@xxxxxxxx
Hey,
Mind though - the reason I posted is because I have serious doubts as to the "security" of this module. Even since the post I've found several bugs and things to change to make it better. Hence the intro to safe.py:
This file is public domain and is not suited for any serious purpose.
This code is not guaranteed to work. Use at your own risk!
Beware! Trust no one!
So try to break it! Another thing - that would be helpful - would be a handful of scripts that are "safe" that this validator should approve. Would be good as additional test cases.
Thanks!
Phil
Patrick Mullen <saluk64007@xxxxxxxxx> wrote: Sounds cool, and this is an important problem domain for python, even beyond gaming. I've been needing this for similar reasons, and the hacks I've been
using are pretty flimsy.
re.sub(script,'import','_no_imports_') FTW
8:00? 8:25? 8:40? Find a flick in no time
with theYahoo! Search movie showtime shortcut.