[Python-Dev] Capabilities

Ben Laurie ben@algroup.co.uk
Thu, 03 Apr 2003 15:04:27 +0100

Paul Prescod wrote:
> Are DOS issues in scope? How do we prevent untrusted code from just 
> bringing the interpreter to a halt? A smart enough attacker could even 
> block all threads in the current process by finding a task that is 
> usually not time-sliced and making it go on for a very long time. 
> without looking at the Python implementation, I can't remember an 
> example off of the top of my head, but perhaps a large multiplication or 
> search-and-replace in a string.

It seems to me that this is an issue orthogonal to capabilities (though 
access to mechanisms that regulate it might well be capability-based).



http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff