A lightweight Python package for analyzing and securely executing code blocks with AST-based restrictions.
Project description
Python Restrictor & Executor
Overview
A sandboxed Python code execution environment with support for ast-based validation, restricted imports and builtins, and multiple execution methods including subprocesses and uv.
Installation
pip
pip install restricted
uv
uv add restricted
Usage
from restricted.helpers import execute_restricted
# A block of code pretending to be malicious.
code="""
import os
print(os.getcwd())
"""
print(execute_restricted(code))
# Shell Output
ImportError: 'os' is not allowed
Security Notice
This project is in early development and should not be considered production-ready for high-risk environments.
Contribution
If you want to contribute to this small project, feel free to submit a pull request here.
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file restricted-0.1.1.tar.gz.
File metadata
- Download URL: restricted-0.1.1.tar.gz
- Upload date:
- Size: 3.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.12.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
66c6683639498cdf5ec7446e75a4b125e8a95914ad07620a49de9a5ecb924197
|
|
| MD5 |
ab3e521e1314b0f9d7affe9c5a5bf2cb
|
|
| BLAKE2b-256 |
02cf09473498fdceedffe95d5ea5124218f0fc732cc2632791e42b17ca3aa715
|
Provenance
The following attestation bundles were made for restricted-0.1.1.tar.gz:
Publisher:
python-publish.yml on bimalpaudels/restricted
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
restricted-0.1.1.tar.gz -
Subject digest:
66c6683639498cdf5ec7446e75a4b125e8a95914ad07620a49de9a5ecb924197 - Sigstore transparency entry: 200977336
- Sigstore integration time:
-
Permalink:
bimalpaudels/restricted@58835be837f0295591dfcbd441123b3a0301d450 -
Branch / Tag:
refs/tags/v0.1.1 - Owner: https://github.com/bimalpaudels
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
python-publish.yml@58835be837f0295591dfcbd441123b3a0301d450 -
Trigger Event:
release
-
Statement type:
File details
Details for the file restricted-0.1.1-py3-none-any.whl.
File metadata
- Download URL: restricted-0.1.1-py3-none-any.whl
- Upload date:
- Size: 3.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.12.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
56daa5745484b31fe4a05b9b072b7f398e60e5252c49019d544d371266c89dbc
|
|
| MD5 |
c8519f9a8d59ef15073767ed3cbfe93c
|
|
| BLAKE2b-256 |
12bc129054ea114778d466688c53bb738109e3a88cc8155d219c3f24cfd17af7
|
Provenance
The following attestation bundles were made for restricted-0.1.1-py3-none-any.whl:
Publisher:
python-publish.yml on bimalpaudels/restricted
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
restricted-0.1.1-py3-none-any.whl -
Subject digest:
56daa5745484b31fe4a05b9b072b7f398e60e5252c49019d544d371266c89dbc - Sigstore transparency entry: 200977337
- Sigstore integration time:
-
Permalink:
bimalpaudels/restricted@58835be837f0295591dfcbd441123b3a0301d450 -
Branch / Tag:
refs/tags/v0.1.1 - Owner: https://github.com/bimalpaudels
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
python-publish.yml@58835be837f0295591dfcbd441123b3a0301d450 -
Trigger Event:
release
-
Statement type:
