[pypy-dev] Sandboxing pypy

Søren Laursen sl at scrooge.dk
Tue Mar 23 22:46:50 CET 2010


I have been following  the pypy project for over a year. And I have been
playing around with it for some time.

The project I am working with Minimum Intrusion Grid : MiG (
http://sites.google.com/site/minimumintrusiongrid/) are looking into using

I would like to use it for sandboxing user code in MiG, more specific allow
the users to develop their own “scheduler” .

The MiG, it self is written in Python so we might even be able to run it on
pypy.  But right now it is the sandboxing that I am working with.

For me it is a bit unclear in the documentation/website, but for that I read
into “An attacker that tries to escape the sandbox is stuck within a C
program that contains no external function calls at all except for writing
to stdout and reading from stdin.” means that I have to write functions that
emulates file read/write operations.

I have tried different things using the pypy_interact.py (just love the
–timeout parameter J), looked at code but have not been able to read files
or write files using the pypy_interact.py.

What have I missed?


Søren Laursen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/pypy-dev/attachments/20100323/a022a9bd/attachment.html>

More information about the Pypy-dev mailing list