bmatschke
commented
3 years ago Essentially done: Advanced search allows arbitrary nested lists/tuples/dicts/ranges as Sage expressions. Capped db queries to 1000, running time to 1 sec, search results to 100. Safety is dealt with by forbidding certain identifiers. SafeEval class runs on separate process that communicates via Pyro5 with the django-wsgi server. Should still sandbox that Sage-instance.
Registered users should be allowed to search for many numbers in one query, such as "2^n * pi for n in range(100)". Should allow python/sage code, possibly restricted to safe expressions. Evaluation should run on separate program/service, communicating with wsgi server via say pyro5. For memory reasons, perhaps only allow iterators, not lists. Cap iterators at say 1000 numbers. Cap running time at say 1 sec. Cap search results at 10 numbers. Log search queries for safety, monitor server resources.