[pypy-svn] r47122 - pypy/dist/pypy/doc
lac at codespeak.net
Wed Oct 3 20:07:36 CEST 2007
Author: lac
Date: Wed Oct 3 20:07:35 2007
New Revision: 47122
Modified:
pypy/dist/pypy/doc/sandbox.txt
Log:
minor grammar tweaks and typos fixed
Modified: pypy/dist/pypy/doc/sandbox.txt
==============================================================================
--- pypy/dist/pypy/doc/sandbox.txt (original)
+++ pypy/dist/pypy/doc/sandbox.txt Wed Oct 3 20:07:35 2007
@@ -29,20 +29,20 @@
Overview
--------
-One of PyPy's translation aspect is a sandboxing feature. It's "sandboxing" as
+One of PyPy's translation aspects is a sandboxing feature. It's "sandboxing" as
in "full virtualization", but done in normal C with no OS support at all. It's
a two-processes model: we can translate PyPy to a special "pypy-c-sandbox"
-executable, which is safe in the sense that it doesn't do any library or system
-call - instead, whenever it would like to perform such an operation, it
+executable, which is safe in the sense that it doesn't do any library or
+system calls - instead, whenever it would like to perform such an operation, it
marshals the operation name and the arguments to its stdout and it waits for
the marshalled result on its stdin. This pypy-c-sandbox process is meant to be
-run by an outer "controller" program that answers to these operation requests.
+run by an outer "controller" program that answers these operation requests.
The pypy-c-sandbox program is obtained by adding a transformation during
translation, which turns all RPython-level external function calls into
stubs that do the marshalling/waiting/unmarshalling. An attacker that
tries to escape the sandbox is stuck within a C program that contains no
-external function call at all except to write to stdout and read from
+external function calls at all except for writing to stdout and reading from
stdin. (It's still attackable in theory, e.g. by exploiting segfault-like
situations, but as explained in the introduction we think that PyPy is
rather safe against such attacks.)
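Review bot: The unchanged context line "a two-processes model: we can translate PyPy to a special ..." near the top of this hunk still carries a grammar slip that this cleanup pass could pick up; "a two-process model" is the usual form. In the same paragraph, "it doesn't do any library or system calls" would read better as "it doesn't make any library or system calls", and "An attacker that tries" as "An attacker who tries". The re-wrap of the "executable, which is safe ..." line pair also turns a one-letter change (call to calls) into a two-line diff; keeping the original line break would make the change easier to review.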
@@ -88,7 +88,7 @@
./pypy_interact.py /some/path/pypy-c-sandbox [args...]
-Just like pypy-c, if you pass no argument you get the interactive
+Just like with pypy-c, if you pass no argument you get the interactive
prompt. In theory it's impossible to do anything bad or read a random
file on the machine from this prompt. To pass a script as an argument you need
to put it in a directory along with all its dependencies, and ask
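Review bot: In the context lines right after the changed sentence, "In theory it's impossible to do anything bad or read a random file on the machine" is left vague for a security claim; consider stating what the hedge "in theory" covers and what the controller actually permits from this prompt, or pointing to the section that does. Also, "if you pass no argument" would match the usage line "[args...]" better as "if you pass no arguments".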