Hello, The thing is pypy's taint code is broken. Basically you don't only need to patch all places that return pyobject, but also all places that might modify anything. (All side effects) For example innocently looking call to addition might end up calling arbitrary python code (and have arbitrary side effects). There is a question how do you approach such things? Cheers, fijal On Fri, Dec 5, 2008 at 12:29 AM, Amaury Forgeot d'Arc <amauryfa@gmail.com> wrote:
Hello,
On Thu, Dec 4, 2008 at 19:36, Nicole King <nicole@cats-muvva.net> wrote:
Dear All,
I have published the diff for my implementation of tainted mode in Python for R3.0 (released version) at http://www.cats-muvva.net/software/. Look at the bottom the page. I apologise for past problems accessing this web site: I hope to have resolved all the issues with it.
The patch is indeed huge! it seems that every function that returns a PyObject must be modified. And it seems very difficult to check for its correctness.
Did you look at the Pypy project? The C code of the interpreter is generated, and it already proposes a "Taint" option at translation time. http://codespeak.net/pypy/dist/pypy/doc/objspace-proxies.html#taint With only 300 lines of elegant python code...
-- Amaury Forgeot d'Arc _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/fijall%40gmail.com