[Python-Dev] Reviving restricted mode?

matsjoyce matsjoyce at gmail.com
Wed Aug 13 18:17:13 CEST 2014


Unless you remove all the things labelled "keep away from children". I
wrote this sandbox to allow Python to be used as a "mods"/"add-ons"
language for a game I'm writing, hence the perhaps too strict nature.

About the crashers: as this is for games, it's "fine" for the game to crash,
as long as the sandbox is not broken while crashing.

time and math can probably be allowed, but random imports a lot of
undesirable modules.

My sandbox doesn't use proxies, due to the introspection and complexity
that it involves. Instead it completely isolates the sandboxed globals, and
checks all arguments and globals for irregularities before passing control
to non-sandboxed functions.


On 13 August 2014 14:11, Isaac Morland <ijmorlan at uwaterloo.ca> wrote:

> On Mon, 11 Aug 2014, Skip Montanaro wrote:
>
>  On Mon, Aug 11, 2014 at 12:42 PM, matsjoyce <matsjoyce at gmail.com> wrote:
>>
>>> There may be some holes in my approach, but I can't find them.
>>>
>>
>> There's the rub. Given time, I suspect someone will discover a hole or
>> two.
>>
>
> Schneier's Law:
>
>         Any person can invent a security system so clever that she or he
>         can't think of how to break it.
>
> While I would not claim a Python sandbox is utterly impossible, I'm
> suspicious that the whole "consenting adults" approach in Python is
> incompatible with a sandbox.  The whole idea of a sandbox is to absolutely
> prevent people from doing things even if they really want to and know what
> they are doing.
>
> Isaac Morland                   CSCF Web Guru
> DC 2554C, x36650                WWW Software Specialist
>
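
One way the boundary check described in the message above could look, as an added example that is not matsjoyce's sandbox code or part of the original thread: host functions are wrapped so they only receive fresh copies built from exact builtin types. All names (`check_value`, `guarded`, `host_log`, the limits) are hypothetical, and the block covers only the argument check, not the isolation of globals.

```python
# Added example; all names here are hypothetical, not from the original sandbox.
ALLOWED_SCALARS = (int, float, bool, str, bytes, type(None))
MAX_DEPTH = 8        # assumed limit; also stops self-referencing containers
MAX_ITEMS = 10_000   # assumed limit on total values per call

class BoundaryViolation(TypeError):
    """A value from sandboxed code failed the boundary check."""

def _is_exact(t, allowed):
    # Identity, not ==/hash: a metaclass can override both.
    return any(t is a for a in allowed)

def check_value(value, depth=0, budget=None):
    """Return a fresh copy of value built only from exact builtin types."""
    budget = [MAX_ITEMS] if budget is None else budget
    budget[0] -= 1
    if budget[0] < 0 or depth > MAX_DEPTH:
        raise BoundaryViolation("structure too large or too deeply nested")
    t = type(value)  # not isinstance(): subclasses can override methods
    if _is_exact(t, ALLOWED_SCALARS):
        return value
    if _is_exact(t, (list, tuple)):
        return t(check_value(v, depth + 1, budget) for v in value)
    if t is dict:
        return {check_value(k, depth + 1, budget): check_value(v, depth + 1, budget)
                for k, v in value.items()}
    raise BoundaryViolation(f"{t.__name__} is not allowed across the boundary")

def guarded(func):
    """Wrap a host function so it only ever receives checked copies."""
    # functools.wraps is left out on purpose: it would add a __wrapped__
    # attribute that points at the unchecked function.
    def wrapper(*args, **kwargs):
        return func(*check_value(args), **check_value(kwargs))
    return wrapper

@guarded
def host_log(message, tags=()):
    """Hypothetical non-sandboxed function exposed to mods."""
    return f"[mod] {message} {sorted(tags)}"

if __name__ == "__main__":
    class SubStr(str):          # constructed "irregular" argument
        pass
    print(host_log("loaded", tags=["b", "a"]))
    for bad in (SubStr("x"), object(), {1, 2}):
        try:
            host_log(bad)
        except BoundaryViolation as exc:
            print("rejected:", exc)
```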