[Python-Dev] Reviving restricted mode?

Jim Baker jbaker at zyasoft.com
Tue Feb 24 23:11:00 CET 2009


This looks very interesting. What I like about Tav's approach is that it
should also be directly applicable to Jython. Much like Jython in general,
there's a tight correspondence between typeobject.c/PyType.java and
genobject.c/PyGenerator.java. So we plan on trying out a similar, presumably
small patch too.

What will be very helpful here is identifying a set of tests that verify
these claims of restricted execution.

- Jim

On Mon, Feb 23, 2009 at 4:03 PM, tav <tav at espians.com> wrote:

> Hey Martin,
>
> >> The patch is a mere 6 lines of code and provides the absolute minimum
> >> that is needed to secure the Python interpreter!
> >
> > Unlike Guido, I'm not quite willing to your word for it.
>
> You are right. Sorry, I was a bit too enthusiastic and overstated the case.
>
> How about: "it could possibly enable a secured Python interpreter" ?
>
> > OTOH, the patch looks harmless (with minor corrections). It could
> > be considered a bug fix for the current set of restricted attributes
>
> Yes, and it is in that light that I would like the patch to be accepted.
>
> --
> love, tav
>
> plex:espians/tav | tav at espians.com | +44 (0) 7809 569 369
> http://tav.espians.com | http://twitter.com/tav | skype:tavespian
> _______________________________________________
> Python-Dev mailing list
> Python-Dev at python.org
> http://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe:
> http://mail.python.org/mailman/options/python-dev/jbaker%40zyasoft.com
>



-- 
Jim Baker
jbaker at zyasoft.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-dev/attachments/20090224/40601f3b/attachment.htm>


More information about the Python-Dev mailing list