views:

119

answers:

4

I am building a multi-user web application. Each user can have their own site under my application. I am considering how to allow users to modify templates without security problems. I have evaluated some Python template engines. For example, Genshi is a pretty wonderful template engine, but it might be dangerous to allow users to modify Genshi templates. It has a syntax like this:

<?python

?>

This syntax allows you to run whatever Python can do. I notice that it seems this can be shut down by passing some parameter, but there are still a lot of potential problems. For example, users can access built-in functions and methods of passed variables. For example, if I pass an ORM object to the template, it might contain some methods and variables that I don't want to allow users to touch. Maybe like this:

site.metadata.connection.execute("drop table xxx")

So my question is: how can I allow users to modify the template of their site without security problems? Any Python template engine can be used.

Thanks.

A: 

The short answer is probably "you can't".

The best you can probably do is to trap the individual users in virtual machines or sandboxes.

Charlie Martin
+2  A: 

Look at the Django template engine. It does not support execution of arbitrary Python code, and all accessible variables must be passed into the template explicitly. This should be a pretty good foundation for building user-customizable pages. Beware that you'll still need to handle occasional syntax errors from your users.

Alex Lebedev
Thanks, I have evaluated the Django template engine; it is very nice. It does not even allow users to access attributes that begin with "_", so it is safe enough to allow users to use it.
Victor Lin
Another feature of the Django template engine that comes in handy here is that you can set the "alters_data" attribute on any function or object method, and that will prevent it from being called in a template.
Carl Meyer
A: 

In Rails there's something called Liquid. You might take a look at that to get some ideas. Another idea: at the very least, one thing you could do is to convert your objects into a simple dictionary, something like a JSON representation, and then pass that to your template.

toby
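As an added example (not code from any answer on this page), here is a pure-Python version of the approach toby describes above: reduce the object graph to plain data before it reaches the template, applying the two Django rules mentioned in the comments (skip names starting with "_", skip anything marked alters_data) and dropping every callable. The ORM-like classes are constructed stand-ins for the site.metadata.connection.execute case in the question; the max_depth limit is an assumption added so cyclic object graphs cannot recurse forever.

```python
import datetime

# Constructed stand-in for an ORM object graph like the one in the question:
# site.metadata.connection.execute(...) must not be reachable from a template.
class Connection:
    def execute(self, sql):
        raise RuntimeError("template reached the database: %s" % sql)

class Metadata:
    def __init__(self):
        self.connection = Connection()
        self.schema = "public"

class Site:
    def __init__(self):
        self.name = "Alice's blog"
        self.created = datetime.date(2009, 5, 1)
        self.metadata = Metadata()
        self._password_hash = "hypothetical-secret"   # private, must be dropped
    def delete(self):
        raise RuntimeError("template deleted the site")
    delete.alters_data = True   # Django-style marker: never callable from a template

SCALARS = (str, int, float, bool, type(None), datetime.date, datetime.datetime)

def to_safe_context(obj, depth=0, max_depth=4):
    # Reduce obj to scalars, lists and dicts only. Callables, "_" names and
    # anything marked alters_data are removed; max_depth bounds recursion.
    if isinstance(obj, SCALARS):
        return obj
    if depth >= max_depth:
        return None
    if isinstance(obj, dict):
        return {str(k): to_safe_context(v, depth + 1, max_depth)
                for k, v in obj.items() if not str(k).startswith("_")}
    if isinstance(obj, (list, tuple, set)):
        return [to_safe_context(v, depth + 1, max_depth) for v in obj]
    if callable(obj) or getattr(obj, "alters_data", False):
        return None
    out = {}
    for name in dir(obj):
        if name.startswith("_"):
            continue                     # Django rule: no underscore attributes
        value = getattr(obj, name)
        if callable(value) or getattr(value, "alters_data", False):
            continue                     # methods (execute, delete, ...) are gone
        out[name] = to_safe_context(value, depth + 1, max_depth)
    return out
```

The resulting dictionary contains only data, so whatever the user's template does with it, there is no execute or delete left to call.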
+3  A: 

Jinja2 is a Django-ish templating system that has a sandboxing feature. I've never attempted to use the sandboxing, but I quite like Jinja2 as an alternative to Django's templates. It still promotes separation of template from business logic, but has more Pythonic calling conventions, namespacing, etc.

Jinja2 Sandbox

Joe Holloway
Jinja really rocks. I like the possibility to define macros (they are a lot like functions) from within the templates. {{ navitem(text, link) }}
pi