aaaaalbert / repy_v2

MIT License

Destroyed builtins are back to bite us! #1

Closed aaaaalbert closed 7 years ago

aaaaalbert commented 7 years ago

8eb44d9112965e7c81d42c2bb94aebdb354d10ee exposes an interesting bug similar to SeattleTestbed/repy_v2#69 where trying to update a SafeDict object results in the underlying implementation's UserDict attempting to call hasattr, which (by that time) has been disabled and replaced by an error-raising function via safe.py.

The usual simple fix consists of stashing hasattr inside the module:

@@ -97,6 +97,7 @@ import compiler     # Required for the code safety check
 warnings.resetwarnings()

 import UserDict     # This is to get DictMixin
+UserDict.hasattr = hasattr
 import platform     # This is for detecting Nokia tablets
 import threading    # This is to get a lock
 import harshexit    # This is to kill the external process on timeout
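
Review bot: the added `UserDict.hasattr = hasattr` line carries no comment, unlike the imports around it, and its purpose is not obvious from the code alone. Add a comment saying that it keeps a reference to the real `hasattr` in UserDict's module namespace because the builtin is later replaced with an error-raising function, and that the assignment therefore has to run before that replacement. The line covers `hasattr` only, so it is worth checking whether UserDict calls any other builtin that gets disabled, otherwise the same failure can resurface under a different name.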

aaaaalbert commented 7 years ago

Oh, in case you wonder why that specific commit has this problem: I'm working on adding different parties' security layers to a sandbox, and this involves iterating over the read-virtualnamespace-evaluation loop in repy.py multiple times. The error arises because the builtins are removed the first time through the loop already.

(However, there might exist constructions where the problem shows in the vanilla sandbox too. I'm thinking of stacked VirtualNamespaces, or encasementlib tricks, or similar. Needs testing!)

aaaaalbert commented 7 years ago

The SafeDict issue was documented as SeattleTestbed/repy_v2#125, and subsequently fixed in SeattleTestbed/repy_v2#139. Closing this private issue too.
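
The name-resolution behaviour behind the one-line fix discussed in this thread, as an added Python 3 example that is not part of the original issue or of repy_v2. The module name `fake_userdict`, its `update` function and the helpers are hypothetical, and a private copy of the builtins stands in for the replacement the issue attributes to safe.py (an assumption about the mechanism, made so the demo does not touch the interpreter's real builtins).

```python
import builtins
import types

# Constructed stand-in for a library module whose code calls hasattr,
# the way the issue describes UserDict doing during an update.
LIB_SOURCE = '''
def update(target, other):
    if hasattr(other, "keys"):
        for key in other.keys():
            target[key] = other[key]
    return target
'''

def _disabled(*args, **kwargs):
    raise RuntimeError("hasattr is disabled in the sandbox")

def load_library():
    """Create the stand-in module with a private copy of the builtins."""
    module = types.ModuleType("fake_userdict")  # hypothetical name
    module.__dict__["__builtins__"] = dict(vars(builtins))
    exec(LIB_SOURCE, module.__dict__)
    return module

def destroy_builtin(module, name):
    """Assumed model of the sandbox: swap a builtin for a raising function."""
    module.__dict__["__builtins__"][name] = _disabled

def try_update(module):
    try:
        return module.update({}, {"a": 1})
    except RuntimeError as exc:
        return "error: %s" % exc

def demo():
    results = {}
    lib = load_library()                 # 1: nothing stashed
    destroy_builtin(lib, "hasattr")
    results["unpatched"] = try_update(lib)

    lib = load_library()                 # 2: stash first (the fix), then destroy
    lib.hasattr = hasattr                # module globals are searched before builtins
    destroy_builtin(lib, "hasattr")
    results["stashed_before"] = try_update(lib)

    lib = load_library()                 # 3: stash after the builtin is already gone
    destroy_builtin(lib, "hasattr")
    lib.hasattr = lib.__dict__["__builtins__"]["hasattr"]
    results["stashed_after"] = try_update(lib)
    return results
```

Case 3 is the ordering hazard raised in the second comment: a stash taken after the builtins were removed on an earlier pass captures the error-raising replacement, not the real function.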