tags:

views:

117

answers:

1
+2  Q: 

Embedding Python Design

There are lots of tutorials/instructions on how to embed python in an application, but nothing (that I've seen) on overall design for how the embedded interpreter should be used and interact with the application.

The only idea I could think of would be to simply give the user a method (menu option, etc) of executing scripts in the program. So certain classes, functions, objects, etc. would be exported to python, some script would do something, then said script could be run from the program.

Would such a design be "safe?" Meaning is it feasible for a malicious/poorly-written script to "damage" the program and/or computer? I assume its possible depending on the functions available to the script (e.g: it could try to overwrite some important files, etc.) How might one prevent such from happening? (e.g: script certification, program design, etc.)

This is implementation specific, but is it possible/feasible to have the effects of the script stay after its done running? Meaning if a script computes something, will the result be available to the program after execution of the script has finished? I think it is possible to do if the program were setup to interact with a specific script, but the program will be released before most scripts are written; and such a setup seems like a misuse of embedding a scripting language. Is there actually cases where you would want the result of a scripts execution to be available, or is this a contrived situation that doesn't really occur?

Are there any other designs for embedding python?
What about using python in a way similar to a plugin architecture?

Thanks,
Matthew A. Todd

+1  A: 

The only idea I could think of would be to simply give the user a method (menu option, etc) of executing scripts in the program.

Correct.

So certain classes, functions, objects, etc. would be exported to python, some script would do something, then said script could be run from the program.

Correct.

Would such a design be "safe?"

Yes. Unless your users are malicious, psychotic sociopaths. They want to make your program do useful things. They bought/downloaded the software in the first place. They think it has value.

They trusted your software. Why not trust them?

Meaning if a script computes something, will the result be available to the program after execution of the script has finished?

Programs like Apache do this all the time. You screw up the configuration ("script"), it crashes. Lesson learned? Don't screw up the configuration.

S.Lott  2009-11-05 19:11:51
I was worried about them downloading scripts w/o realizing what the script might do.
Matthew  2009-11-05 19:12:41
Well, but they could download programs w/o realizing what the program might do. You can't fix that problem.
Michael Kohne  2009-11-05 19:13:51
Michael, you can't fix the problem, but you can minimize the consequences by limiting what the program (or in this case, script) can do. Scott, in reply to your post, IMO, it's not a question of trusting the end user, it's a question of a potentially uninformed end-user trusting a third party script. So "root" access (metaphorically speaking) isn't something you would want to given an add-on script.
codelogic  2009-11-05 19:34:04
@codelogic: Root access is right out from the very beginning. Who would allow such a thing? Any application that works with elevated privileges cannot be scripted in any trustworthy way.
S.Lott  2009-11-05 19:47:01
@S.Lott: I didn't mean literal root access (hence the quotes), I meant with respect to the application and the Python interpreter. My point being, limit the script's power so that it can get the intended job done. For example, if the scripting functionality is merely to allow 3rd party image processing capabilities, don't give it network privileges, maybe not even file system access. Restrict its sandbox with enough room to get the job done.
codelogic  2009-11-05 20:10:56
@codelogic: I think that the "certain classes, functions, objects, etc. would be exported to python" in the original question covered that topic. It sounds like you agree with this approach of only "certain classes, functions, objects, etc."
S.Lott  2009-11-05 20:36:47
True, it looks like I misinterpreted a part of your answer.
codelogic  2009-11-08 02:11:56

related questions

Programmatically talking to a Serial Port in OS X or Linux
Best ways to teach a beginner to program?
Calling a Function From a String With the Function's Name in Python
An executable Python app
Text Editor For Linux (Besides Vi)?
What Hosting Service is best for Django applications?
File size differences after copying a file to a server vía FTP
Python: what is the difference between (1,2,3) and [1,2,3], and when should I use each?
Python: What OS am I running on?
How do I make a menu in python that does not require the user to press (enter) to make a selection?
How do you express binary literals in Python?
What is the most efficient graph data structure in Python?
Adding a Method to an Existing Object
How to learn Python: Good Example Code?
How do I use Python's itertools.groupby()?
Python and MySQL
Class views in Django
Is there an IDE that provides code completion for Python
Using 'in' to match an attribute of Python objects in an array
cx_Oracle - what is the best way to iterate over a result set?
cx_Oracle - How do I access Oracle from Python?
Continuous Integration System for a Python Codebase
Get a preview jpeg of a pdf on windows?
How can I find the full path to a font from its display name on a Mac?
XML Processing in Python