Thu, 03 Apr 2003 15:04:27 +0100
Paul Prescod wrote:
> Are DOS issues in scope? How do we prevent untrusted code from just
> bringing the interpreter to a halt? A smart enough attacker could even
> block all threads in the current process by finding a task that is
> usually not time-sliced and making it go on for a very long time.
> without looking at the Python implementation, I can't remember an
> example off of the top of my head, but perhaps a large multiplication or
> search-and-replace in a string.
It seems to me that this is an issue orthogonal to capabilities (though
access to mechanisms that regulate it might well be capability-based).
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff