Python code executed dynamically normally suffers no special restrictions. Python’s general philosophy is to give the programmer tools and mechanisms that make it easy to write good, safe code, and trust the programmer to use them appropriately. Sometimes, however, trust might not be warranted. When code to execute dynamically comes from an untrusted source, the code itself is untrusted. In such cases it’s important to selectively restrict the execution environment so that such code cannot accidentally or maliciously inflict damage. If you never need to execute untrusted code, you can skip this section. However, Python makes it easy to impose appropriate restrictions on untrusted code if you ever do need to execute it.
__builtins__ item in the global namespace
isn’t the standard
module (or the latter’s dictionary), Python knows
the code being run is restricted. Restricted code executes in a
sandbox environment, previously prepared by the trusted code, that
requests the restricted code’s execution. Standard
you prepare an appropriate sandbox. To ensure that restricted code
cannot escape the sandbox, a few crucial internals (e.g., the
__dict__ attributes of modules, classes, and
instances) are not directly available to restricted code.
There is no special protection against restricted code raising exceptions. On the contrary, Python diagnoses any attempt by restricted code to violate the sandbox restrictions ...