diff options
Diffstat (limited to 'lib/kross/python/pythonsecurity.h')
-rw-r--r-- | lib/kross/python/pythonsecurity.h | 109 |
1 files changed, 109 insertions, 0 deletions
diff --git a/lib/kross/python/pythonsecurity.h b/lib/kross/python/pythonsecurity.h new file mode 100644 index 00000000..7ffbcfff --- /dev/null +++ b/lib/kross/python/pythonsecurity.h @@ -0,0 +1,109 @@ +/*************************************************************************** + * pythonsecurity.h + * This file is part of the KDE project + * copyright (C)2004-2005 by Sebastian Sauer ([email protected]) + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU Library General Public + * License as published by the Free Software Foundation; either + * version 2 of the License, or (at your option) any later version. + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Library General Public License for more details. + * You should have received a copy of the GNU Library General Public License + * along with this program; see the file COPYING. If not, write to + * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, + * Boston, MA 02110-1301, USA. + ***************************************************************************/ + +#ifndef KROSS_PYTHON_SECURITY_H +#define KROSS_PYTHON_SECURITY_H + +#include "pythonconfig.h" + +#include <qstring.h> + +namespace Kross { namespace Python { + + // Forward declaration. + class PythonInterpreter; + + /** + * This class handles the used Zope3 RestrictedPython + * package to spend a restricted sandbox for scripting + * code. + * + * The RestrictedPython code is avaible as Python files. + * So, this class takes care of loading them and spending + * the functions we need to access the functionality + * from within Kross. That way it's easy to update the + * module with a newer version if some security issues + * show up. + * + * What the RestrictedPython code does is to compile + * the plain python code (py) into compiled python code (pyc) + * and manipulate those compiled code by replacing unsafe + * code with own wrapped code. + * As example a simple "x = y.z" would be transfered to + * "x = _getattr_(y, 'z')". The _getattr_ is defined in + * the RestrictedPython module and will take care of + * applied restrictions. + * + * \see http://www.zope.org + * \see http://svn.zope.org/Zope3/trunk/src/RestrictedPython/ + */ + class PythonSecurity : public Py::ExtensionModule<PythonSecurity> + { + public: + + /** + * Constructor. + * + * \param interpreter The \a PythonInterpreter instance + * used to create this Module. + */ + explicit PythonSecurity(PythonInterpreter* interpreter); + + /** + * Destructor. + */ + virtual ~PythonSecurity(); + + /** + * Compile python scripting code and return a restricted + * code object. + * + * \param source The python scripting code. + * \param filename The filename used on errormessages. + * \param mode Compilemode, could be 'exec' or 'eval' or 'single'. + * \return The compiled python code object on success else + * NULL. The caller owns the resulting object and needs + * to take care to decrease the ref-counter it not needed + * any longer. + */ + PyObject* compile_restricted(const QString& source, const QString& filename, const QString& mode); + +#if 0 + //TODO + void compile_restricted_function(const Py::Tuple& args, const QString& body, const QString& name, const QString& filename, const Py::Object& globalize = Py::None()); + void compile_restricted_exec(const QString& source, const QString& filename = "<string>"); + void compile_restricted_eval(const QString& source, const QString& filename = "<string>"); +#endif + + private: + /// We keep a pointer to the used \a PythonInterpreter. + PythonInterpreter* m_interpreter; + /// The imported external RestrictedPython module. + Py::Module* m_pymodule; + + /// Initialize the restricted python module. + inline void initRestrictedPython(); + + /// Secure wrapper around the getattr method. + Py::Object _getattr_(const Py::Tuple&); + }; + +}} + +#endif |