Escaping Python Sandboxes
This was originally published on the OSIRIS blog Note: This is all written for Python 2.7.3. These details might be different in other versions of Python - especially 3+! Attempting to escape a sandbox is always a fun challenge. Python sandboxes are no exception. In a static language, this is usually done by analyzing the code to see if certain functions are called, or wrapping the dangerous functions with code that does validation.