Library that evaluates the safeness of python code

A forum for general discussion of the Python programming language.

Library that evaluates the safeness of python code

Postby alexkiro » Wed Sep 25, 2013 1:45 pm

I'm looking for a solution to evaluate a piece of python code and should make a decision whether or not it is safe to run using eval(...). This means it should check if there are imports, system calls, any other possible exploits or dangerous calls in order to make sure the code (which will be input by an user) is safe to run.

Are there any such libraries? (preferably open-source) Any advantages or disadvantages to any specific library?
Last edited by Mekire on Wed Sep 25, 2013 2:02 pm, edited 1 time in total.
Reason: First post lock.
Posts: 1
Joined: Wed Sep 25, 2013 1:37 pm

Re: Library that evaluates the safeness of python code

Postby Mekire » Wed Sep 25, 2013 2:09 pm

I know Metulburr was recently working on something related to this:

Find the thread here.

It was also brought up that even with code that will be passed as safe, a malicious (or curious) user can still pass something that will consume all your memory and crash, or just take an endless amount of time to complete such as:
Code: Select all

See a discussion on this (and possible solution) here.

User avatar
Posts: 1261
Joined: Thu Feb 07, 2013 11:33 pm
Location: Tucson, Arizona

Re: Library that evaluates the safeness of python code

Postby micseydel » Wed Sep 25, 2013 4:21 pm

I don't think you can ever really detect the safeness. See: ... erous.html
The only thing I could seriously recommend is a sandbox. Don't ever trust the input as sanitary.
Join the #python-forum IRC channel on!

Please do not PM members regarding questions which are meant to be discussed publicly. The point of the forum is so that others can benefit from it. We don't want to help you over PMs or emails.
User avatar
Posts: 1810
Joined: Tue Feb 12, 2013 2:18 am
Location: Mountain View, CA

Return to General Discussions

Who is online

Users browsing this forum: No registered users and 6 guests