[pypy-svn] r47121 - pypy/dist/pypy/doc

arigo at codespeak.net arigo at codespeak.net
Wed Oct 3 20:04:56 CEST 2007

Author: arigo
Date: Wed Oct  3 20:04:55 2007
New Revision: 47121

Reduce this long ()ized sentence - it's better explained in the 

Modified: pypy/dist/pypy/doc/sandbox.txt
--- pypy/dist/pypy/doc/sandbox.txt	(original)
+++ pypy/dist/pypy/doc/sandbox.txt	Wed Oct  3 20:04:55 2007
@@ -43,12 +43,9 @@
 stubs that do the marshalling/waiting/unmarshalling.  An attacker that
 tries to escape the sandbox is stuck within a C program that contains no
 external function call at all except to write to stdout and read from
-stdin.  (It's still attackable, e.g. by exploiting segfault-like
-situations, but as far as I can tell - unlike CPython - any RPython
-program is really robust against this kind of attack, at least if we
-enable the extra checks that all RPython list and string indexing are in
-range.  Alternatively, on Linux there is a lightweight OS-level
-sandboxing technique available by default - google for 'seccomp'.)
+stdin.  (It's still attackable in theory, e.g. by exploiting segfault-like
+situations, but as explained in the introduction we think that PyPy is
+rather safe against such attacks.)
 The outer controller is a plain Python program that can run in CPython
 or a regular PyPy.  It can perform any virtualization it likes, by
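Review bot: The replacement parenthetical at "as explained in the introduction we think that PyPy is rather safe against such attacks" drops the one condition the old text attached to the claim, "at least if we enable the extra checks that all RPython list and string indexing are in range". Without it the sentence reads as unconditional. Either keep that qualifier here or confirm that the introduction states it, since this paragraph now relies entirely on that cross-reference. "Rather safe" is also vaguer than the removed wording, which named the attack class and the mitigation. Finally, the removed pointer to seccomp as an OS-level alternative on Linux is not visibly replaced anywhere in this hunk. If it is not covered in the introduction, consider keeping a one-line mention so readers still see the defense-in-depth option.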
