[pypy-dev] How to make a builtin pypy module visible?
Yicong Huang
hengha.mao at gmail.com
Thu May 28 18:11:45 CEST 2015
Hi Armin,
Thanks for the solution!
I tired it, and found out a command "reload(socket)" could break it.
So I might consider my previous method is more safer.
The protection is at the function entry point. In addition,
'criticalsection' module and customized 'select' module are both build into
libpypy-c.so. It might be more difficult to break.
And for the mentioned RPython error: "object with a __call__ is not RPython",
any advices?
On Thu, May 28, 2015 at 11:41 PM, Armin Rigo <arigo at tunes.org> wrote:
> Hi Yicong,
>
> On 28 May 2015 at 17:09, Yicong Huang <hengha.mao at gmail.com> wrote:
> > To achieve this purpose, here are my plans:
> > 1. Write a builtin RPython module 'criticalsection', because I thought
> only
> > builtin RPython module could be used for existed builtin RPython module
> > 2. For the list of builtin functions that we might block, add the code in
> > the begining of those functions, e.g.
> >
> > def epoll:
> > if criticalsection.isInCriticalSection() and
> > criticalsection.block('select.epoll')
> > return None
> > ... the original code...
>
> How about this pure Python solution, which would give the equivalent
> level of security (i.e., okish against naive code, but no hard
> security against a motivated attacker):
>
> def just_returns_none(*args, **kwds):
> return None
>
> def enter_critical_section():
> socket.epoll = just_returns_none
>
> original_socket_epoll = socket.epoll
>
> def leave_criticial_section():
> socket.epoll = original_socket_epoll
>
>
> A bientôt,
>
> Armin.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/pypy-dev/attachments/20150529/6927e5d1/attachment.html>
More information about the pypy-dev
mailing list