[Python-Dev] Reviving restricted mode?

Chris Angelico rosuav at gmail.com
Wed Aug 13 19:06:01 CEST 2014

On Thu, Aug 14, 2014 at 2:58 AM, Steven D'Aprano <steve at pearwood.info> wrote:
>> It's certainly not *fundamentally* impossible to sandbox Python.
>> However, the question becomes one of how much effort you're going to
>> go to and how much you're going to restrict the code.
> I believe that PyPy has an effective sandbox, but to what degree of
> effectiveness I don't know.

A potential attacker can have arbitrary code run in the subprocess,
but cannot actually do any input/output not controlled by the outer
process. Additional barriers are put to limit the amount of RAM and
CPU time used.

Note that this is very different from sandboxing at the Python
language level, i.e. placing restrictions on what kind of Python code
the attacker is allowed to run (why? read about pysandbox).

That's quite useful, but isn't the same thing as a Python-in-Python
sandbox (or even what I was doing, Python-in-C++).


More information about the Python-Dev mailing list