[Python-Dev] Sandboxing Python
Victor Stinner
victor.stinner at gmail.com
Sat Mar 3 22:37:54 CET 2012
Hi,
Le 03/03/2012 20:13, Armin Rigo a écrit :
>>> I challenge anymore to break pysandbox! I would be happy if anyone
>>> breaks it because it would make it more stronger.
>
> I tried to run the files from Lib/test/crashers and --- kind of
> obviously --- I found at least two of them that still segfaults
> execfile.py, sometimes with minor edits and sometimes directly, on
> CPython 2.7.
As described in the README file of pysandbox, pysandbox doesn't protect
against vulnerabilities or bugs in Python.
> As usual, I don't see the point of "challenging" us when we have
> crashers already documented. Also, it's not like Lib/test/crashers
> contains in detail *all* crashers that exist; some of them are of the
> kind "there is a general issue with xxx, here is an example".
>
> If you are not concerned about segfaults but only real attacks, then
> fine, I will not spend the hours necessary to turn the segfault into a
> real attack :-)
You may be able to exploit crashers, but I don't plan to workaround such
CPython bug in pysandbox.
I'm looking for vulnerabilities in pysandbox, not in CPython.
Victor
More information about the Python-Dev
mailing list