[Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)
Nikolaus Rath
Nikolaus at rath.org
Sun Apr 10 17:08:16 EDT 2016
On Apr 10 2016, Jon Ribbens <jon+python-dev at unequivocal.co.uk> wrote:
> On Sat, Apr 09, 2016 at 02:43:19PM +0200, Victor Stinner wrote:
>> Please don't loose time trying yet another sandbox inside CPython. It's
>> just a waste of time. It's broken by design.
>>
>> Please read my email about my attempt (pysandbox):
>> https://lwn.net/Articles/574323/
>>
>> And the LWN article:
>> https://lwn.net/Articles/574215/
>>
>> There are a lot of safe ways to run CPython inside a sandbox (and not rhe
>> opposite).
>>
>> I started as you, add more and more things to a blacklist, but it doesn't
>> work.
>
> That's the opposite of my approach though - I'm starting small and
> adding things, not starting with everything and removing stuff.
That contradicts what you said in another mail:
On Apr 08 2016, Jon Ribbens <jon+python-dev at unequivocal.co.uk> wrote:
> Ah, I've not used Python 3.5, and I can't find any documentation on
> this cr_frame business, but I've added cr_frame and f_back to the
> disallowed attributes list.
Best,
-Nikolaus
--
GPG encrypted emails preferred. Key id: 0xD113FCAC3C4E599F
Fingerprint: ED31 791B 2C5C 1613 AF38 8B8A D113 FCAC 3C4E 599F
»Time flies like an arrow, fruit flies like a Banana.«
More information about the Python-Dev
mailing list