[Python-Dev] The pysandbox project is broken
Eli Bendersky
eliben at gmail.com
Thu Nov 14 19:28:54 CET 2013
On Wed, Nov 13, 2013 at 10:27 AM, Brett Cannon <brett at python.org> wrote:
>
>
>
> On Wed, Nov 13, 2013 at 1:05 PM, Eli Bendersky <eliben at gmail.com> wrote:
>
>>
>>
>>
>> On Wed, Nov 13, 2013 at 6:58 AM, Brett Cannon <brett at python.org> wrote:
>>
>>>
>>>
>>>
>>> On Wed, Nov 13, 2013 at 6:30 AM, Facundo Batista <
>>> facundobatista at gmail.com> wrote:
>>>
>>>> On Wed, Nov 13, 2013 at 4:37 AM, Maciej Fijalkowski <fijall at gmail.com>
>>>> wrote:
>>>>
>>>> >> Do you think it would be productive to create an independent Python
>>>> >> compiler, designed with sandboxing in mind from the beginning?
>>>> >
>>>> > PyPy sandbox does work FYI
>>>> >
>>>> > It might not do exactly what you want, but it both provides a full
>>>> > python and security.
>>>>
>>>> If we have sandboxing using PyPy... what also we need to put Python
>>>> running in the browser? (like javascript, you know)
>>>>
>>>> Thanks!
>>>>
>>>
>>> You can try to get PNaCl to work with Python to get a Python executable
>>> that at least Chrome can run.
>>>
>>
>> Two corrections:
>>
>> 1. CPython already works with NaCl and PNaCl (there are working patches
>> in naclports to build it)
>>
>
> Anything that should be upstreamed?
>
>
>> 2. It can be used outside Chrome as well, using the standalone "sel_ldr"
>> tool that will then allow to run a sandboxed CPython .nexe from the command
>> line
>>
>
> Sure, but I was just thinking about the "in browser" question Facundo
> asked about.
>
FWIW, if you already have Chrome 31, go to:
http://commondatastorage.googleapis.com/nativeclient-mirror/naclports/pepper_33/988/publish/python/pnacl/index.html
This is CPython running on top of PNaCl, at near-native speed. With C
extensions. With threads. It's 2.7.5 but we'll put up 3.4 too soon (anyone
can do it though - based on naclports).
The first load takes a bit of time, afterwards it's cached and
instantaneous.
Now all that's left is for someone to come up with a friendly API to wrap
around the Pepper interface to conveniently access DOM :-)
Eli
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-dev/attachments/20131114/5b14fdd8/attachment.html>
More information about the Python-Dev
mailing list