Skip to content

zopefoundation/RestrictedPython

6 Branches48 Tags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

icemacicemac
Back to development: 8.1
Mar 20, 2025
bd936f7 · Mar 20, 2025

History

756 Commits
.github/workflows
.github/workflows
Mar 17, 2025
docs
docs
Jan 6, 2025
src/RestrictedPython
src/RestrictedPython
Jan 23, 2025
tests
tests
Jan 23, 2025
.editorconfig
.editorconfig
Aug 30, 2021
.gitignore
.gitignore
Apr 13, 2022
.meta.toml
.meta.toml
Mar 17, 2025
.pre-commit-config.yaml
.pre-commit-config.yaml
Mar 17, 2025
.readthedocs.yaml
.readthedocs.yaml
Sep 22, 2023
CHANGES.rst
CHANGES.rst
Mar 20, 2025
CONTRIBUTING.md
CONTRIBUTING.md
Jan 28, 2025
COPYRIGHT.txt
COPYRIGHT.txt
Apr 8, 2010
LICENSE.txt
LICENSE.txt
Apr 8, 2010
MANIFEST.in
MANIFEST.in
Oct 9, 2024
README.rst
README.rst
Mar 10, 2023
buildout.cfg
buildout.cfg
Jul 12, 2020
constraints.txt
constraints.txt
Apr 20, 2022
pyproject.toml
pyproject.toml
Mar 17, 2025
setup.cfg
setup.cfg
Oct 9, 2024
setup.py
setup.py
Mar 20, 2025
tox.ini
tox.ini
Mar 17, 2025

Repository files navigation

https://coveralls.io/repos/github/zopefoundation/RestrictedPython/badge.svg?branch=master Documentation Status Current version on PyPI Supported Python versions

https://github.com/zopefoundation/RestrictedPython/raw/master/docs/logo.jpg

RestrictedPython

RestrictedPython is a tool that helps to define a subset of the Python language which allows to provide a program input into a trusted environment. RestrictedPython is not a sandbox system or a secured environment, but it helps to define a trusted environment and execute untrusted code inside of it.

Warning

RestrictedPython only supports CPython. It does _not_ support PyPy and other Python implementations as it cannot provide its restrictions there.

For full documentation please see http://restrictedpython.readthedocs.io/.

Example

To give a basic understanding what RestrictedPython does here two examples:

An unproblematic code example

Python allows you to execute a large set of commands. This would not harm any system.

>>> from RestrictedPython import compile_restricted
>>> from RestrictedPython import safe_globals
>>>
>>> source_code = """
... def example():
...     return 'Hello World!'
... """
>>>
>>> loc = {}
>>> byte_code = compile_restricted(source_code, '<inline>', 'exec')
>>> exec(byte_code, safe_globals, loc)
>>>
>>> loc['example']()
'Hello World!'

Problematic code example

This example directly executed in Python could harm your system.

>>> from RestrictedPython import compile_restricted
>>> from RestrictedPython import safe_globals
>>>
>>> source_code = """
... import os
...
... os.listdir('/')
... """
>>> byte_code = compile_restricted(source_code, '<inline>', 'exec')
>>> exec(byte_code, safe_globals, {})
Traceback (most recent call last):
ImportError: __import__ not found

Contributing to RestrictedPython

If you want to help maintain RestrictedPython and contribute, please refer to the documentation Contributing page.

About

A restricted execution environment for Python to run untrusted code.

restrictedpython.readthedocs.io/

Topics

python code plone hacktoberfest zope restrictions untrusted

Resources

Readme

License

View license

Security policy

Security policy
Activity
Custom properties

Stars

548 stars

Watchers

73 watching

Forks

39 forks
Report repository

Releases

48 tags

Packages

No packages published

Used by 3.6k

  • @AA-Turner
  • @next-drought
  • @poindexter12
  • @CroudTech
  • @reckonfx
  • @chestharas
  • @ocayeocaye
  • @ansh1429
+ 3,607

Contributors 39

+ 25 contributors

Languages