# Safer Pythonic Formula
## Abstract
Dcipher lets users run their own Python statements on their datasets through Python's `eval()` function. However, this can execute unsafe Python code and lead to security problems, e.g. accessing environment variables.
Why `eval()` is dangerous: [click me](https://nedbatchelder.com/blog/201206/eval_really_is_dangerous.html).
In this task, we aim to make this operation safer.
## Related Works
1. This [Jira issue](https://dcipher.atlassian.net/jira/software/projects/DA/boards/1?assignee=5ff22cf54d2179006e9bf4bf&selectedIssue=DA-3231), generated by GPT4, gives a perfect summary and advice about the task.
2. This great Stack Exchange [question](https://softwareengineering.stackexchange.com/questions/191623/best-practices-for-execution-of-untrusted-code).
> Take a look at RestrictedPython, which attempts to give you the strict bytecode control. RestrictedPython transforms Python code into something that lets you control what names, modules and objects are permissible in Python 2.3 through to 2.7.
>
> If RestrictedPython is secure enough for your purposes does depend on the policies you implement. Not allowing access to names starting with an underscore and strictly whitelisting the modules would be a start.
>
> In my opinion, the only truly robust option is to use a separate Virtual Machine, one with no network access to the outside world which you destroy after each run. Each new script is given a fresh VM instead. That way even if the code manages to break out of your Python sandbox (which is not unlikely) all the attacker gets access to is short-lived and without value.

3. The [RestrictedPython](https://github.com/zopefoundation/RestrictedPython) package seems promising: `A restricted execution environment for Python to run untrusted code.`
3.1. A good issue to read about what to restrict. [click me](https://github.com/zopefoundation/RestrictedPython/issues/261)
> Even with `RestrictedPython` it is very difficult to provide for
> a secure environment. A very thorough concept is required.
> That's why you do not start with example code (and look at its features).
> Instead you start thinking carefully about the security requirements
> of your application.

3.2. We can write a custom `__import__()` function to control which packages users can import. A helpful [issue](https://github.com/zopefoundation/RestrictedPython/issues/208). In this issue they mention a function `guarded_import` [here](https://github.com/zopefoundation/AccessControl/blob/master/src/AccessControl/ZopeGuards.py#L383).
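
The two policy points above (an import hook with a module allowlist, and no names starting with an underscore), shown with the standard library only. This is an added example, not Dcipher's, RestrictedPython's or AccessControl's code, and it illustrates the policy rather than replacing RestrictedPython or VM isolation. `ALLOWED_MODULES`, `SAFE_BUILTINS`, `allowlist_import`, `run_formula` and the `row`/`result` convention are assumptions made for illustration.

```python
import ast

# Assumed allowlist for illustration; choose it from your own requirements.
ALLOWED_MODULES = {"math", "statistics"}

def allowlist_import(name, globals=None, locals=None, fromlist=(), level=0):
    """Stand-in for __import__ that only admits allowlisted top-level modules."""
    if level != 0 or name.split(".")[0] not in ALLOWED_MODULES:
        raise ImportError(f"import of {name!r} is not allowed in formulas")
    return __import__(name, globals, locals, fromlist, level)

# Only these builtins exist inside a formula; open, eval, getattr etc. are absent.
SAFE_BUILTINS = {
    "abs": abs, "len": len, "max": max, "min": min, "round": round, "sum": sum,
    "__import__": allowlist_import,  # import statements resolve through this hook
}

def reject_underscore_names(tree):
    """Refuse identifiers and attributes that start with an underscore."""
    for node in ast.walk(tree):
        name = getattr(node, "id", None) or getattr(node, "attr", None)
        if isinstance(node, (ast.Name, ast.Attribute)) and name.startswith("_"):
            raise ValueError(f"name {name!r} is not allowed in formulas")

def run_formula(source, row):
    """Run a user formula on one row (hypothetical convention: it sets `result`)."""
    tree = ast.parse(source, mode="exec")
    reject_underscore_names(tree)
    env = {"__builtins__": SAFE_BUILTINS, "row": dict(row)}
    exec(compile(tree, "<formula>", "exec"), env)
    return env.get("result")

if __name__ == "__main__":
    # Constructed sample formulas: one allowed, two rejected by the policy.
    print(run_formula("import math\nresult = math.sqrt(row['x'])", {"x": 9.0}))
    for bad in ("import os\nresult = os.environ", "result = row.__class__"):
        try:
            run_formula(bad, {"x": 9.0})
        except (ImportError, ValueError) as exc:
            print("blocked:", exc)
```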