I'm using python's exec(code, globals, locals)<p>I disable __builtins__ so no imports, exec, eval, open, etc. inside that context<p>but it seems you can still always do object.__subclasses__() and find every system method (eg. open())<p>it can't be overwritten but looking at the interpreter code is seems like it's possible to hack a workaround for this specific case.<p>are there other known ways to escape exec()?
I would infer that it's insecure, since if it were that easy there wouldn't be various abandoned projects trying to sandbox Python.<p>It's the curse of any sufficiently useful language. Well, maybe not Lua, but that was specifically designed for embedding. Java also began with that intention back when applets were ahead of their time, though IIRC secure sandboxing is no longer really a feature.
I'm interested in an answer. Is there a way, by design, to run code from an untrusted source in a restricted manner? So the worse the code could do is call me rude names.