1  """ 
 2  Simple dialog which asks if you want to allow or deny execution of a script. 
 3  A list of possible problems is show.  
 4  The analysis is done in safe_eval which is called from scripterng_runtime 
 5  like this module.  
 6   
 7  BTW, safe_eval is great module by Jeremy Sanders used inside Veusz. 
 8  It only allows a very small subset of Python which is considered safe. 
 9   
10  XXX: Perhaps refactor some external functionality into this module 
11  """ 
12  from PyQt4.QtCore import pyqtSignature 
13  from PyQt4.QtGui import QDialog, QApplication 
14   
15  from permitdlg_ui import Ui_PermitDialog 
20   
21   
23          QDialog.__init__(self) 
24          self.ui = Ui_PermitDialog() 
25          self.ui.setupUi(self) 
26           
27          self.ui.rememberCheck.hide()  
28          self.ui.filenameLabel.setText(filename) 
29           
30          self.ui.problemsBrowser.setText(""" 
31          <i>Please look into the source for further investigation.</i> 
32          <ul> 
33          %s 
34          </ul> 
35          <p>To ensure safe execution importing external modules is not allowed by default  
36          because external modules could access your system directly. 
37          <br/>Additonally access to "private" attributes is not allowed because accessing  
38          them could trigger side-effects which may help to break out of the sandbox.<br/> 
39          Unfortunately exceptions are also a security problem because they can change  
40          the control flow and you could access the stack frame.</p> 
41          """ % "".join(["<li>%s</li>" % p for p in problems])) 
42          self.ui.problemsBrowser.hide() 
43          self.resize(self.width(), self.sizeHint().height()) 
 44   
45       
46      @pyqtSignature("") 
52   
53           
54      @pyqtSignature("") 
60   
61   
62      @pyqtSignature("") 
 66   
67   
68   
69 -def ask(filename, problems): 
 70      """ 
71      Use this fuction 
72      """ 
73      return PermitDialog(filename, problems).exec_() 
 74   
75   
76   
77  if __name__ == "__main__": 
78       
79      import sys 
80      import safe_eval 
81      problems = safe_eval.checkCode(open("permitdlg.py").read()) 
82      app = QApplication(sys.argv) 
83      print ask("permitdlg.py", problems) 
84