I'm using the Jython library in my Java project in order to provide Python code execution.
I'd like to restrict access to specific Java classes/packages as well as invocations of Jython's built-in functions.
I implemented an own class loader and set it in Jyhton interpreter:
But the Jython library also provides Python's built-in functions that aren't implemented as Java code, so I cannot catch them with the custom class loader. Here's a list with those supported functions: Built-in functions
How can I detect disallowed function invocations (for example: open(filename[, mode[, bufsize]])) in Pyhton user code? Is there any special hooking mechanism that can be used during code parsing or execution?
I reversed some Jython classes and searched for any possibility but its intrinsic processes aren't very easy to understand.
"Wenn man irgendwann mal von allen akzeptiert wird, dann weiß man, dass man irgendwas falsch gemacht hat." Excerpt by: Mr. Weidner