[Python-Dev] Sandboxing Python

[Serhiy Storchaka]

05.03.12 23:16, Victor Stinner написав(ла):
 > Apply the timeout would require to modify the sum() function.

sum() is just one, simple, example. Any C code could potentially run 
long enough. Another example is the recently discussed hashtable 
vulnerability:

  class badhash: __hash__ = int(42).__hash__
  set([badhash() for _ in range(100000)])

 > A more generic solution would be to use a subprocess.

Yes, it's the only way to secure implement the sandbox.