[pypy-svn] r63388 - pypy/extradoc/talk/pycon2009/pypy-sandbox

hpk at codespeak.net hpk at codespeak.net
Fri Mar 27 15:07:49 CET 2009


Author: hpk
Date: Fri Mar 27 15:07:46 2009
New Revision: 63388

Modified:
   pypy/extradoc/talk/pycon2009/pypy-sandbox/sandbox.txt
Log:
updates, an XXX.  



Modified: pypy/extradoc/talk/pycon2009/pypy-sandbox/sandbox.txt
==============================================================================
--- pypy/extradoc/talk/pycon2009/pypy-sandbox/sandbox.txt	(original)
+++ pypy/extradoc/talk/pycon2009/pypy-sandbox/sandbox.txt	Fri Mar 27 15:07:46 2009
@@ -5,12 +5,11 @@
 This talk contents
 ==================
 
-* How to run sandboxed Python using
-  PyPy
+* Problems with current sandboxing approaches
 
-* A couple of demos
+* PyPy sandboxing and virtualization
 
-* How to define security policies
+* A couple of demos
 
 * Status, future, Q&A
 
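Review bot: The contents list no longer matches the slides kept further down. "How to define security policies" and "How to run sandboxed Python using PyPy" are both removed from the outline, yet the second hunk still carries "How to use it today?", "Custom file access policies" and "Custom APIs". Either keep one outline bullet that covers usage and policies, or fold those slides under "PyPy sandboxing and virtualization" so the audience knows where policy definition is covered.
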
@@ -55,82 +54,107 @@
 * "Noone cracked it so far" approach is not
   "security by design"
 
-Our approach
-==============
+"fixing all places manually"
+=================================
+
+sidenote: enter the "browser hack" challenge a week ago:
+
+* **fully security-updated** IE8, Firefox, Safari access an URL 
+
+* hacker answers the URL access 
+
+* within a day above browsers were hacked
+
+**something is wrong with an approach
+that despite so much attention and effort
+is so easy to break**
+
+PyPy's sandboxing
+==================
 
-* Modify all calls to platform (C) into something
-  harmless. XXX what?
+automatically transform all C-lib/os calls 
+in our low-level graph representation 
+of the interpreter. 
 
-* Do that in a systematic manner, not touching the interpreter
-  source
+PyPy virtualized Interpreter 
+====================================
 
-* Small code base to be trusted
+.. image:: img/sandbox1.png 
+   :scale: 100
+   :align: left
 
-* Changes to interpreter doesn't break anything
+Places to security-review
+=============================
 
-But there is more...
+* algos for transforming the graphs
+* interaction code controler<->sandbox 
+* controler process code
+
+Robustness and freedom!
+==========================
+
+Changes to the interpreter don't break sandbox! 
+
+Additional goodies
 ====================
 
 * Memory limit (GC support)
 
 * CPU time limit
 
-* XXX ...
-
 Drawbacks
 ==========
 
 * Each sandbox is in a separate process
 
-* Sandbox doesn't have a direct access to any
-  APIs
+* Sandbox doesn't have direct access to any APIs
 
-How to use it?
-===============
+How to use it today?
+=======================
 
 * translate pypy with --sandbox (takes a while)
 
 * run using pypy_interact.py
 
-* implement your own custom policy
-
 * demo
 
 Embedding in your web app
 =========================
 
-* http://codespeak.net/svn/user/getxsick/django-sandbox/
+http://codespeak.net/svn/user/getxsick/django-sandbox/
 
 Custom file access policies
 ============================
 
-* write your own python code to control it
+code your own policy in plain python
 
 Custom APIs
 ============
 
+XXX why "Custom APIs" in the title? find this slide confusing
+
 * provide an API that marshals/pickles data to
   an outer layer
 
-* outer layer that accesses actual platform
+* controling process accesses actual platform
 
 What next?
 ==========
 
-* Definitely write more docs, advertise it a bit
-  more
+* come up with nice methods of integrating with 
+  App code, try PyPy's transparent proxies? 
 
-* Blog
+* Improve docs, spawn separate project
 
-* Special web page
-
-* besides that, it's ready to use
+* get funding for teaching and helping 
+  companies to make full use of it. 
 
 Q&A
 ===
 
-* http://merlinux.eu
+Maciej Fijalkowski, Holger Krekel at
+
+http://merlinux.eu
 
-* http://pypy.org
+Project webpage: http://pypy.org
 
-* We really need a special web page....
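Review bot: The new "PyPy's sandboxing" slide says all C-lib/os calls are transformed automatically but does not say into what. The removed bullet had this open as "into something harmless. XXX what?", and the marker is now gone without an answer on that slide. The answer only appears under "Custom APIs" (data is marshalled/pickled to an outer layer and the controlling process accesses the actual platform). I suggest stating that on the "PyPy's sandboxing" slide, since it is what makes the three items under "Places to security-review" the whole trust boundary. Two smaller points in the added lines: "controler" (twice) and "controling" should be "controller" and "controlling", and the new "XXX why "Custom APIs" in the title?" line is plain body text that will render on the slide unless it is turned into an rst comment.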


