Geek Answers Handbook

IronPython - How to prevent the import of CLR (and other modules)

I am setting up a web application to use IronPython for scripting various user actions, and I will expose various business objects ready to access the script. I want the user to not be able to import the CLR or other assemblies in order to simplify the script functions and limit the functionality that I expose in my business objects.

How to prevent assembly of the CLR and other assemblies / modules?

+4
source share
4 answers

You will have to look for a script to import that you do not want to use, and reject the script if it contains any of them.

Basically, just reject the script if it contains Assembly.Load, import, or AddReference.

+1
source

This will prevent the import of both python modules and .Net objects, possibly not the way you want. (I'm relatively new to Python, so I might as well skip some things):

Environment setting. Import everything you need for the user to have access. Either add to their script, or do:

__builtins__.__import__ = None #Stops imports working reload = None #Stops reloading working (specifically stops them reloading builtins #giving back an unbroken __import___!

then execute their script.

+2
source

You might want to implement security using Microsoft Code Access Security . I myself am not fully aware of my work (or how it works with IPy), but this is what I think you should consider.

There is a discussion thread on the IPy mailing list that you might want to check out. The question asked is similar to yours.

+1
source

If you want to disable some of the built-in modules, I would suggest submitting a function request to ironpython.codeplex.com. This should be a fairly simple task to implement.

Otherwise, you can just look at Importer.cs and ban import there, or you can just remove ClrModule.cs from IronPython and rebuild (and possibly remove any links to it).

0
source

More articles:


All Articles