[Python-Dev] Sandboxing Python

Guido van Rossum guido at python.org
Mon Mar 5 22:47:59 CET 2012


On Mon, Mar 5, 2012 at 1:16 PM, Victor Stinner <victor.stinner at gmail.com> wrote:
> 2012/3/5 Serhiy Storchaka <storchaka at gmail.com>:
>> 05.03.12 11:09, Victor Stinner wrote:
>>
>>> pysandbox uses SIGALRM with a timeout of 5 seconds by default. You can
>>> change this timeout or disable it completely.
>>>
>>> pysandbox doesn't provide a function to limit the memory yet, you have
>>> to do it manually. It's not automatic because there is no portable way
>>> to implement such limit and it's difficult to configure it. For my IRC
>>> bot using pysandbox, setrlimit() is used with RLIMIT_AS.
>>
>>
>> But it does not work for extensive C-calculations. `sum(xrange(1000000000))`
>> runs for 2.5 minutes on my computer instead of 5 seconds, and `map(sum,
>> [xrange(1000000000)] * 1000000)` -- almost infinite time. pysandbox doesn't
>> provide a reliable time limit either; it is also necessary to mention this.
>
> Ah yes, I realized that SIGALRM is handled by the C signal handler,
> but Python only handles the signal later. sum() doesn't call
> PyErr_CheckSignals() to check for pending signals.

Just forbid the sandboxed code from using the signal module, and set
the signal to the default action (abort).

> Applying the timeout would require modifying the sum() function. A more
> generic solution would be to use a subprocess.

Maybe it would make more sense to add such a test to xrange()? (Maybe
not every iteration but every 10 or 100 iterations.)

-- 
--Guido van Rossum (python.org/~guido)
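
The two suggestions in this message (SIGALRM left at its default action, and a subprocess) can be combined; the following is an added example, not code from the thread or from pysandbox. It assumes Python 3 on a POSIX system (so range() stands in for xrange()), and the names run_limited and _arm_alarm are hypothetical.

```python
import signal
import subprocess
import sys


def _arm_alarm(seconds):
    """Return a function that runs in the child between fork() and exec()."""
    def arm():
        # Default disposition: the kernel terminates the process on SIGALRM,
        # so the limit does not depend on PyErr_CheckSignals() being called.
        signal.signal(signal.SIGALRM, signal.SIG_DFL)
        signal.alarm(seconds)  # a pending alarm survives exec()
    return arm


def run_limited(code, seconds=1):
    """Run `code` in a child interpreter and return (status, stdout)."""
    try:
        proc = subprocess.run(
            [sys.executable, "-I", "-c", code],
            preexec_fn=_arm_alarm(seconds),
            stdout=subprocess.PIPE,
            stderr=subprocess.DEVNULL,
            # Parent-side backstop: the child cannot cancel this one, whereas
            # it could cancel the alarm if it were able to reach the signal module.
            timeout=seconds + 5,
        )
    except subprocess.TimeoutExpired:
        return ("killed-by-parent", "")
    if proc.returncode == -signal.SIGALRM:
        return ("killed-by-sigalrm", "")
    status = "ok" if proc.returncode == 0 else "error"
    return (status, proc.stdout.decode().strip())


# Constructed inputs: a short computation and a long C-level loop of the
# kind quoted in the thread.
FAST = "print(sum(range(1000)))"
SLOW = "print(sum(range(10**11)))"

if __name__ == "__main__":
    print(run_limited(FAST, seconds=10))
    print(run_limited(SLOW, seconds=1))
```
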

