[Python-Dev] The pysandbox project is broken

Nick Coghlan ncoghlan at gmail.com
Sat Nov 16 01:31:05 CET 2013


On 16 Nov 2013 08:25, "Christian Tismer" <tismer at stackless.com> wrote:
>
> On 13/11/13 00:49, Josiah Carlson wrote:
>>
>>
>> Python-dev is for the development of the Python core language, the
CPython runtime, and libraries. Your sandbox, despite using and requiring
deep knowledge of the runtime, is not developing those things. If you had a
series of requests for the language or runtime that would make your job
easier, then your thread would be on-topic.
>>
>
> I think you should consider to re-define you perception of the purpose
> of the python-dev list. Simple feature-requests is not everything.
> Instead, this list also touches the general direction where python should
> go, and discusses the current hard-to-solve problems.
>
> The sand-boxing feature via rexec, bastion etc. was perceived as a
useful, quite
> safe thing, until it was proven to be completely broken (Samuele Pedroni
et. at., 2003
> I think). After that, CPython simply removed those features and failed
completely to
> provide a better solution.

"Use an OS level sandbox" *is* better from a security point of view. It's
just not portable :P

Cheers,
Nick.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-dev/attachments/20131116/e1f3ed0e/attachment.html>


More information about the Python-Dev mailing list