[pypy-dev] Running untrusted code in pypy

Gangadhar NPK npk.gangadhar at gmail.com
Tue Feb 20 19:19:37 CET 2007


Vineet,
Though not directly related to this post, I would be interested to
know how you have modified the lua core to provide individual VMs for
users to operate within. The problem you are trying to solve is to
enable pythonic access within Lua, but I am more interested in
restricted user level execution model, and would like to know more
about it. May be you can drop a note (either to the list or to my mail
id) when you get some time.

Thank You
Gangadhar

On 2/20/07, Jeff Rush <jeff at taupro.com> wrote:
> James Matthews wrote:
> > How can you detect such code running ( all the bad code)
>
> A complicated topic that can't be covered in a brief email but Python used to
> have a security model/features:
>
>    http://www.python.org/doc/2.3.5/lib/restricted.html
>
> but there were ways to escape the sandbox.  Perhaps they could be closed but
> no one had the time to carefully study the matter, so it was disabled in 2.3
> and I believe removed in 2.5.
>
> Brett Cannon is re-opening the matter.  You can read about his approach at:
>
>    http://tinyurl.com/2sh55f
>
> Many in the Python community are excited because it will finally bring
> capability-based security to Python, if it works.
>
> There is also some cross-pollination of ideas re capabilities with the
> one-laptop-per-child project, who recently published their security model.
> They have a lot of Python code to secure, in a potentially hostile
> laptop/network environment.  You can read about their model at:
>
>    http://wiki.laptop.org/go/Bitfrost
>
> Ask Ivan Krstić about Bitfrost, whose development he led.  He is giving the
> opening keynote at PyCon on Friday morning.
>
> -Jeff
>
>
> > On 2/19/07, *Jeff Rush* <jeff at taupro.com <mailto:jeff at taupro.com>> wrote:
> >
> >     Vinj Vinj wrote:
> >      >
> >      > With cPython, I've been told that it is just not going
> >      > to be possible. Which is why, I moved to lua for user
> >      > models.
> >
> >     It sounds like you're going to be at PyCon, so be sure not to miss
> >     the talk on
> >     Saturday afternoon:
> >
> >     Securing Python: "Protecting the interpreter from code wielding
> >     fresh fruit."
> >     (#41) by Brett Cannon
> >
> >     "Python currently has no security model. This talk discusses why
> >     this is and
> >     how I am fixing the problem."
>
> _______________________________________________
> pypy-dev at codespeak.net
> http://codespeak.net/mailman/listinfo/pypy-dev


More information about the Pypy-dev mailing list