I'm writing an application where we need to execute untrusted python code. (i.e. an application similar to a homework submission server, where student input is untrusted)
Thinking about it, my first thought is that by disabling the file I/O capabilities of the language (and thus, restrict code to using stdin/stdout only), a program couldn't do much harm to the system.
Is this correct, or are there attack vectors that I haven't thought of?
Is there some kind of python flag or compiler option that I can pass to isolate the code?
Run them in docker containers!
As with anything about security, there is no silver bullet. Your mileage may vary.