This is a variation of an identity-centric security context for POSIX-based web platforms, which specifies containerization strategy of Python-targeted code.
Idea: run executable processes with impersonated user privilege, encapsulated as a function call:
from encapsulate import exeCallObject, keyword
def run():
try: return exeCallObject \
('assets/Itham/services/component/query',
keyword('keyword', 'value'),
'arg1', 'arg2', 'arg3',
compartmentalize = True)
except exeCallObject.error as e:
return namespace(code = e.returncode,
error = e.stderrOutput,
output = e.stdOutput)
Or:
encapsule.isolate --post-context assets/Itham/services/component/query \
--keyword=value arg1 arg2 arg3 \
| wget 'https://network/channel/x' --method=post --post-file=-
Additional implementation is available online at:
https://thetaplane.com