In order to add Python support for Algospot Online Judge, I wrote a simple Python sandbox for running unauthorized Python programs. The sandbox is used for evaluating submissions for programming contest problems; it should accept programs written in Python and run them while preventing the program from affecting the system in any way. The only things we allow them are access to certain standard library modules and reading from and writing to standard I/O. The following is a brief summary of what it does:
- Reads in the code, compile()s and eval()uates it.
- Before executing the code, we overwrite some of the forbidden functions in __builtin__, such as open, eval, execfile, and compile. We override exit() as well, so calling exit() will not terminate the sandbox.
- We override __import__() so it will check every import the program makes.
  - The list of allowed modules is: ["string", "re", "struct", "StringIO", "cStringIO", "heapq", "array", "bisect", "_bisect", "sets", "types", "math", "cmath", "decimal", "fractions", "random", "itertools", "functools", "time", "errno", "future", "operator", "_heapq", "warnings", "binascii", "_random", "_functools"]
  - The list of allowed entries is: ["os.urandom", "sys.stdin", "sys.stdout"]
    - sys.stdin will be redirected to the input file
    - sys.stdout will be redirected to ModeratedOutputFile, which throws an exception if we write more than 16MB to the file.
The memory usage and running time of the Python runtime will be monitored by an outside process. Then, will it be possible for malevolent Python code to affect the system in any way?
Any comments will be appreciated.
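
The mechanism summarized in the post, as an added Python 3 example that is not the Algospot code: it passes a filtered builtins dictionary to exec() instead of overwriting __builtin__ globally, uses a constructed subset of the module allow-list, and leaves out the per-entry rule for os.urandom. ModeratedOutputFile is the post's name; run_sandboxed, guarded_import and OutputLimitExceeded are hypothetical names chosen here.

```python
import builtins
import contextlib
import io
import sys

# Constructed subset of the post's allow-list (Python 3 module names).
ALLOWED_MODULES = {"string", "re", "struct", "heapq", "bisect", "math",
                   "itertools", "functools", "random", "operator"}
FORBIDDEN_BUILTINS = {"open", "eval", "exec", "compile", "exit", "quit"}
OUTPUT_LIMIT = 16 * 1024 * 1024  # the 16MB cap from the post, counted in characters


class OutputLimitExceeded(Exception):
    pass


class ModeratedOutputFile(io.StringIO):
    """stdout replacement that raises once more than `limit` characters are written."""

    def __init__(self, limit=OUTPUT_LIMIT):
        super().__init__()
        self.limit, self.written = limit, 0

    def write(self, text):
        self.written += len(text)
        if self.written > self.limit:
            raise OutputLimitExceeded("wrote more than %d characters" % self.limit)
        return super().write(text)


def guarded_import(name, globals=None, locals=None, fromlist=(), level=0):
    """Allow-list check applied to every import statement the submission runs."""
    if level != 0 or name.split(".")[0] not in ALLOWED_MODULES:
        raise ImportError("import of %r is not allowed" % name)
    return builtins.__import__(name, globals, locals, fromlist, level)


def run_sandboxed(source, stdin_text="", limit=OUTPUT_LIMIT):
    """Run `source` and return (status, captured stdout). Hypothetical helper."""
    safe = {k: v for k, v in vars(builtins).items() if k not in FORBIDDEN_BUILTINS}
    safe["__import__"] = guarded_import
    out, real_stdin = ModeratedOutputFile(limit), sys.stdin
    sys.stdin = io.StringIO(stdin_text)  # stands in for the judge's input file
    try:
        with contextlib.redirect_stdout(out):
            exec(compile(source, "<submission>", "exec"),
                 {"__builtins__": safe, "__name__": "__main__"})
        return "ok", out.getvalue()
    except BaseException as exc:  # includes SystemExit, so the judge keeps running
        return type(exc).__name__, out.getvalue()
    finally:
        sys.stdin = real_stdin
```

Name filtering of this kind runs inside the same interpreter as the submission, so the outside process that monitors memory and running time remains the layer that actually bounds what the program can do.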




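Then again, even without using something like this, since it's a coding contest, just restricting things well at the OS level seems like it would be enough.
And if the server gets hacked, you can just reinstall it, haha.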