[pypy-dev] tooling/sandboxing (remarks from Ikai Lan)

holger krekel holger at merlinux.eu
Fri Mar 11 20:07:43 CET 2011

On Fri, Mar 11, 2011 at 13:48 -0500, Alex Gaynor wrote:
> On Fri, Mar 11, 2011 at 1:46 PM, holger krekel <holger at merlinux.eu> wrote:
> > Hi all, especially devs at Pycon,
> >
> > FYI i just saw saw some tweets from Ikan Lan (http://twitter.com/#!/ikai )
> > who works with the Google App Engine time, oldest to newest:
> >
> >    At the Python VM panel. I want to believe alternate VMs are about
> >    more than just benchmarks. Question do not agree with me #pycon
> >
> >    For instance, I want to see the tooling that can be built around
> >    alternative VMs. Profilers, heap analyzers, better debuggers #pycon
> >
> >    Python VM implementors think sandboxing is not something that should
> >    be implemented at VM layer. Oh, well. #pycon
> >
> > To me, this does not seem to be fitting for PyPy, does it?
> > Maybe somebody can discuss a bit with him.  I still believe that Google
> > and GAE are a potentially very good application of PyPy tech.
> >
> That's a bit confusing IMO.  Maciej, Frank, and Dino all said that their VM
> supports sandboxing, but it shouldn't be implemente din a python specific
> way because Python is such a big language.  Not sure why someone would want
> Python specific sandboxing.

Ah, indeed confusing.  I would describe PyPy's sandobxing to be at VM level
as opposed to approaches that rather try to limit access to attributes
or recursively control by proxies on top of a VM.


More information about the Pypy-dev mailing list