[pypy-dev] Re: Mixed modules for both PyPy and CPython
hpk at trillke.net
Sun Apr 16 22:44:43 CEST 2006
On Sat, Apr 15, 2006 at 17:38 -0600, VanL wrote:
> holger krekel wrote:
> >>Second, comments on py3k list indicated that secure python is difficult
> >>because of a) introspection, b) type inference, and c) GIL acquisition.
> >Hum, this list looks a bit weird to me. Could you state what
> >the actual attacks are for which security measures are discussed?
> >Or which use cases are people on py3k having in mind?
> This is an amalgam of several different posts (and maybe different
> threads) but here goes:
hey, thanks for the effort!
> In the thread "Will we have a true restricted exec environment for
> python 3000," Vineet Jain asked for a restricted mode which would
> "1. Limit the memory consumed by the script
> 2. Limit access to file system and other system resources
> 3. Limit cpu time that the script will take
> 4. Be able to specify which modules are available for import."
all more or less relates to the "sandbox" idea.
> In responses to that request, various people commented on the
> difficulties of implementing such a restricted mode. On that thread,
> several people had the same idea I had, to try to use PyPy for this
> purpose - however, it didn't look like many people were up-to-date
> reading both lists (and thus familiar-ish with PyPy's execution model).
Yes, using PyPy's metaprogramming facilities for implementing sandbox
models should make the tasks relatively easy. "Metaprogramming" because
PyPy is about writing a program that generates programs which happen to
be a full Python interpreter. But it's also true that we haven't
had concise discussions (or rather never documented the results :)
about how to implement the above. But the fact that we can
instrument our GC, resource handling code, or the main interpreter
loop and accordingly produce a full python interpreter gives us
various ways to go about the sandbox problem. Funny little
thesis topic, i'd say :)
> A) Introspection
> ... introspection funnyness ...
> Python's powerful introspection is a severe drawback from a security POV
> - it is *really* hard to make a user stay in a box you put them in
> without crippling some part of the language as a side effect."
All the possible ways to introspect your way around the python
object model makes one wonder if protecting the resources
isn't a more viable approach than protecting navigation.
> Thus, in CPy, allowing someone to access a C type effectively opens up
> all the C types. In PyPy, however, each type is effectively in its own
> box. Further, PyPy already has a structure that can deal with these
> sorts of accesses: the flowgraph. Operations in PyPy come about because
> of traversals of the graph - certain branches of the graph could be
> restricted or proxied out to a trusted interpreter.
Applying systematic transformations to families of graphs (relating
to IO resources, say) is one possibility. Lately we seem to want
to express almost everything as graph transformations, btw.
> B) GIL Acquisition
> Another person suggested leveraging the multiple subinterpreter code
> which already exists in CPython to create a restricted-exec interpreter.
> MvL noted that GIL acquisition made that difficult:
> "Part of the problem is that it doesn't really work. Some objects *are*
> shared across interpreters, such as global objects in extension modules
> (extension modules are initialized only once). I believe that the GIL
> management code (for acquiring the GIL out of nowhere) breaks if there
> are multiple interpreters."
For PyPy, it need not be true that the GIL makes protecting resources
harder. Then again, it doesn't matter so much because i don't think that
we'll require a sub-interpreter for implementing resource protection
(but who knows :)
I guess we should discuss sometime on which path to follow
(also see my other mail). Any opinions on that, btw?
best and thanks!
More information about the Pypy-dev