[pypy-dev] Running untrusted code in pypy

Vinj Vinj vinjvinj at yahoo.com
Mon Feb 19 19:49:45 CET 2007

> How is the data shared? Using files or somehow

Slices of numeric python arrays

> custom mark-and-sweep garbage collector. This
collector collects quite a
> bit information while it is running, especially how
much non-dead memory
> is used currently. This would make it possible to
impose a hard limit there.

Ok. But this limit would be for the entire app and not
per user model. This should be fine, I would just take
the penalty of the OS/interpretor than releasing back
all the unused memory. 

> Doable, but harder (and I guess you mean this in a
more general way than
> just checking during long computations). You would
need a transformation
> that inserts checks into the PyPy graphs to see
whether something is
> running too long without ever reaching the
interpreter main loop. You
> might be better served with having the program run
with a timeout.

I think again os based timeout interrupts would work
fine? Do you see
any downside of using os level interrupts? Any way
that the application
would not be able to catch them?

> You could fix the recursion limit.

Again this would be for the entire application and not
per user model. 

> Another thing I can see there is accessing the file
system in malicious
> ways. Can be fixed on the OS level, I guess. You
could not include
> things like socket into your PyPy interpreter

This is the tricky part. The main python application
used a lot of
cPython libraries, so not including them in the
interpreter was not an
option. I was hoping that there would be some other
way which could tell
the pypy interpreter, before it executes a certain
piece of code, that
access to the following list of modules ([x, y, z...])
is allowed.

> As Holger said, it depends very much on what exactly
you want. In PyPy
> usually many things are possible and you have to
choose the right
> possibilities.

> Do you know about lunatic Python? 

Yes. I'm using a modified version of this library. 


Don't pick lemons.
See all the new 2007 cars at Yahoo! Autos.

More information about the Pypy-dev mailing list