[Python-checkins] r50656 - python/branches/bcannon-sandboxing/sandboxing_design_doc.txt

brett.cannon python-checkins at python.org
Sat Jul 15 00:37:16 CEST 2006


Author: brett.cannon
Date: Sat Jul 15 00:37:15 2006
New Revision: 50656

Modified:
   python/branches/bcannon-sandboxing/sandboxing_design_doc.txt
Log:
Mention built-in modules (_sre, posix, etc.).


Modified: python/branches/bcannon-sandboxing/sandboxing_design_doc.txt
==============================================================================
--- python/branches/bcannon-sandboxing/sandboxing_design_doc.txt	(original)
+++ python/branches/bcannon-sandboxing/sandboxing_design_doc.txt	Sat Jul 15 00:37:15 2006
@@ -53,6 +53,7 @@
 * merge from HEAD
     + last merge on rev. 47248
 * remove bare malloc()/realloc()/free() uses
+    + also watch out for PyObject_Malloc()/PyObject_MALLOC() calls
 * note in SpecialBuilds.txt
 
 
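Review bot: The added TODO sub-item names only PyObject_Malloc()/PyObject_MALLOC(), while the list later in this same change also covers PyObject_Realloc(), PyObject_Free() and their macro forms. Suggest wording it as the whole PyObject_* allocation family so the reallocation and free paths are not overlooked when auditing. The log message ("Mention built-in modules") also does not mention this allocator work, so it is worth either extending the log or splitting the commit.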
@@ -387,9 +388,11 @@
   in a bare interpreter.
 * Python source code is always considered safe.
 * Python bytecode is always considered dangerous [`Hostile Bytecode`_].
-* C extension modules are inherently considered dangerous
+* C extension modules are inherently considered dangerous.
   [`Extension Module Importation`_].
     + Explicit trust of a C extension module is possible.
+* Built-in modules are considered dangerous.
+    + Explicit trust of a built-in module is possible.
 * Sandboxed interpreters running in the same process inherently cannot
   communicate with each other.
     + Communication through C extension modules is possible because of
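Review bot: The new "Built-in modules are considered dangerous." bullet has no cross-reference and does not say which modules it means, unlike the C extension bullet above it, which points at `Extension Module Importation`_. The log message gives _sre and posix as examples. Putting those in the bullet, with a pointer to the section that explains how explicit trust is granted, would make the assumption checkable. Separately, the period added after "dangerous" on the C extension line leaves the continuation line ending in its own period, so that sentence is now terminated twice. The bytecode bullet keeps the reference before the single period, and the same form would fit here.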
@@ -520,22 +523,34 @@
     protected directly
 - PyMem_New()
     implicitly protected by macro using PyMem_Malloc()
-- PyMem_Resize
+- PyMem_Resize()
     implicitly protected by macro using PyMem_Realloc()
-- PyMem_Del
+- PyMem_Del()
     implicitly protected by macro using PyMem_Free()
-- PyMem_MALLOC
+- PyMem_MALLOC()
     redefine macro to use PyMem_Malloc()
-- PyMem_REALLOC
+- PyMem_REALLOC()
     redefine macro to use PyMem_Realloc()
-- PyMem_FREE
+- PyMem_FREE()
     redefine macro to use PyMem_Free()
-- PyMem_NEW
+- PyMem_NEW()
     implicitly protected by macro using PyMem_MALLOC()
-- PyMem_RESIZE
+- PyMem_RESIZE()
     implicitly protected by macro using PyMem_REALLOC()
-- PyMem_DEL
+- PyMem_DEL()
     implicitly protected by macro using PyMem_FREE()
+- PyObject_Malloc()
+    XXX
+- PyObject_Realloc()
+    XXX
+- PyObject_Free()
+    XXX
+- PyObject_MALLOC()
+    XXX
+- PyObject_REALLOC()
+    XXX
+- PyObject_FREE()
+    XXX
 
 
 Why
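Review bot: All six new PyObject_*() entries carry only "XXX", so the list does not say whether these allocators are protected directly, redefined to route through a protected call, or not yet handled. Since the PyMem_*() entries above each state one of those outcomes, suggest at least replacing XXX with an explicit "not yet protected" until the decision is made, so a reader does not take the listing itself as coverage. The "()" additions to the existing PyMem_ names are cosmetic and could go in a separate commit from the new entries.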

