[pypy-dev] Running untrusted code in pypy

[Vinj Vinj]

PyPy does not (currently) aim at offering cpu/mem
> restrictions, but you could use virtual hosts (XEN
or vserver)
> for that, both offer such restriction settings. 
PyPy itself
> may help with the Taint Object Space: 
> 
Unfortunately, for my use cases, using virtual hosts
will not work. All the user models work on time series
price data. This data can get very large and has to be
shared by all user models. It is not practical for
each vmware client to have its own copy of user data.
With lua, I'm able to share this time series with all
user models and still ensure that all the models are
run securely. 


obviously all depends a bit on concrete use cases
> and intentions). 
> 
Among many things, will I be able to restrict the user
from doing:

1. a = []*10000000000000000000000000
2. a = 23**3294832098980989898
3. disable recursive calls
4. writing while loops which never end
5. etc. 

I'm trying to get a feel for whether this kind of
thing would be (in the future) possible with pypy.
With cPython, I've been told that it is just not going
to be possible. Which is why, I moved to lua for user
models. I would much rather use python so that I don't
have to maintain the python-lua bridge. 

Michael and Christian are going to be there,
> 
Cool. 

Thanks,

Vineet



 
____________________________________________________________________________________
Looking for earth-friendly autos? 
Browse Top Cars by "Green Rating" at Yahoo! Autos' Green Center.
http://autos.yahoo.com/green_center/