In a message of Sun, 09 Dec 2007 13:22:10 -0400, "Andre Roberge" writes:
Hello everyone,
Please forget the intrusion but I did not know where else to ask this que stion.
Welcome. This is not an intrusion. You have come to the right place. You may want to start by reading this. http://codespeak.net/pypy/dist/pypy/doc/sandbox.html Cpython is the python you know and use, the one that is written in C. pypy-c is a pypy interpreter, which could be interpreting python, but could also be interpreting prolog, or javascript, or squeak -- and which produces as its output c code that you can run. Just so you don't confuse them as you are reading.
Through my involvement with Google's Highly Open Participation contest, I have learned about the sandboxing capabilities of pypy and, I believe although I can't find it anymore, the ability to limit the time allowed to a given process. Even if this last one is wrong, the sandboxing capability is something I would be extremely interested in using.
The application I have in mind is Crunchy. In a nutshell: Crunchy takes an arbitrary html page (with embedded Python code inside <pre> tags) and transforms it so that the user can execute, in a variety of ways, the Python code displayed in a browser (Firefox) window. It is a different way to interact with code than the ones given as examples on http://play1.codespeak.net/.
Crunchy's user code (executed from the browser window) is not sandboxed. I was wondering how difficult it would be to have it sandboxed.
Here are a few more specific questions:
1 a. Is it possible to create a "sandboxed python interpreter" that can be included as a module distributed with a cPython based program (Crunchy) without having pypy included in the distribution? 1 b. If so, does that module has to be (pre-)compiled for a given target machine?
2. Is it possible to limit the time for a given process (as mentioned abo ve)?
Thank you in advance for anyone that can give me some information regarding the above. If you feel this discussion is not appropriate for this list, please do not hesitate to tell me so and perhaps answer the questions "off-list". And, if the answers are simply: read this URL, and try this example, it would be appreciated as well.
Cheers,
André
This list is the appropriate place for this discussion. But so is #pypy on irc.freenode.net. There you can hold real conversations, so its often faster to figure things out by talking to us there. Can you post the details of the architecture of crunchy? Where does the student's code run? On the student's machine? or on the teacher's server machine? The ability to sandbox is a property of the architecture of pypy. It's not a module that you could port to Cpython. The person you want to sandbox has to be running pypy. Laura
P.S. Crunchy's code is ... the work of two Python hobbyists ... and is probably not worth looking at - I can probably clarify any specific point needed to find out how it works, if needed to answer the questions I raised, better by email than having anyone read its code. _______________________________________________ pypy-dev@codespeak.net http://codespeak.net/mailman/listinfo/pypy-dev