I've a program distributed with py2exe.
Users want the ability to run plugin python scripts.
For the plugins to be useful, they need access to data and functions of the hosting program,
but at the same time there are program internals, and 3rd party data, that need to be protected.

I haven't been able to figure out how to do this.
__import__ (scriptname, None, None) sets globals() and locals(),
and a single 'scriptHelpers' module import is documented,
which module gives the plugins access to data and functions that are safe&allowed.

However, it's possible for a knowledgeable Python programmer to crack things open.

What I haven't figured out how to do in this situation is to hook the import statement,
inside a py2exe app, so that imports inside the plugin are restricted.

I've tried the various import hooks / meta_path, etc, none of these get executed in the py2exe/zipextimporter architecture.

How can I hook the import statement for a python script that is being __import__'d and run inside a py2exe program ?
I want to restrict what a script __import__'d by a p2exe program can itself import.