Restricted Execution Mode


Python's Restricted Execution Mode is designed primarily to make it impossible for applets to modify the file system or run arbitrary other programs. It currently cannot completely prevent applets from crashing the Grail browser or from using inordinate amounts of resources like memory, CPU cycles or screen real estate. These problems will be addressed in the near future. Currently, users can prevent malicious applets by avoiding untrusted sites, and they can contain the damage by killing the Grail application. See also this Security Warning.

The exact set of features available to code executed in restricted mode is mostly controlled by the code running in unrestricted mode (however, certain restrictions are enforced directly by the Python interpreter). The Python library comes with a default set-up, which is modified somewhat by Grail. The following list summarizes the restrictions set by Grail:

Language Changes

The following changes apply to the language itself; they are mostly intended to close loopholes that would allow restricted programs to gain access to unrestricted modules. Note that most standard library modules (those written in Python) are available normally; they are restricted only insofar as they rely on features, built-in modules or functions that are themselves restricted.
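The two paragraphs above describe the control structure of restricted mode: the unrestricted host decides which built-ins and which modules the applet code can reach, and pure-Python code only fails where it touches something withheld. The following is an added illustration of that structure in modern Python, not Grail's code nor the original rexec module; the names ALLOWED_MODULES, FORBIDDEN_BUILTINS, restricted_import and run_restricted, and the applet snippets fed to them, are constructed for this example. Filtering the built-ins namespace like this is not a security boundary in current Python (rexec was removed from Python 3 because such filtering could not be made sound), so what the example shows is who controls the feature set, not isolation.

```python
import builtins

# Modules the host chooses to expose to applet code (an assumed allowlist).
# They are imported here, in unrestricted mode, so the check below only has
# to decide whether to hand over an already-loaded module object.
import math
import string
ALLOWED_MODULES = {"math": math, "string": string}

# Built-in names the host withholds from applet code (an assumed denylist).
FORBIDDEN_BUILTINS = {
    "open", "exec", "eval", "compile", "__import__", "input",
    "breakpoint", "exit", "quit", "help",
}


def restricted_import(name, globals=None, locals=None, fromlist=(), level=0):
    """Stand-in for __import__ that only hands out allowlisted modules.

    Dotted names ("os.path") and relative imports (level != 0) are refused
    because they are never in the allowlist."""
    if level != 0 or name not in ALLOWED_MODULES:
        raise ImportError(f"import of {name!r} is not permitted in restricted mode")
    return ALLOWED_MODULES[name]


def make_restricted_builtins():
    """Copy the real built-ins minus the forbidden names, with our __import__.

    Dunder names are dropped as well, so the applet also cannot reach
    __build_class__ and therefore cannot define classes."""
    safe = {
        name: getattr(builtins, name)
        for name in dir(builtins)
        if not name.startswith("_") and name not in FORBIDDEN_BUILTINS
    }
    safe["__import__"] = restricted_import
    return safe


def run_restricted(source):
    """Run applet source with the host-chosen built-ins.

    Returns (True, value bound to `result`) on success, or (False, exception)
    when the code hits a withheld feature."""
    env = {"__builtins__": make_restricted_builtins()}
    try:
        exec(source, env)
    except Exception as exc:
        return False, exc
    return True, env.get("result")


if __name__ == "__main__":
    # Constructed applet snippets: one allowed computation, one blocked
    # file access (NameError: no `open`), one blocked module (ImportError).
    for src in ("import math\nresult = math.sqrt(16)",
                "result = open('/etc/hostname').read()",
                "import os\nresult = os.listdir('.')"):
        print(run_restricted(src))
```

The applet's `import math` statement resolves through `restricted_import` because `exec` looks up `__import__` in the namespace the host supplied, which is the same lever the paragraph above attributes to the unrestricted code; the `string` module stays usable because the host loaded it before handing it over.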