question about Sandboxing.
Roman Suzi
rnd at onego.ru
Sat Aug 11 02:44:40 EDT 2001
On Sat, 11 Aug 2001, Surial wrote:
>In java, you have 2 features which AFAIK are not available in Python,
>which I always assumed to be required for sandboxing:
>
>'final':
>'private':
>
>How are these points addressed in RExec? (Python's
>sandboxing environment, as I've read).
Python's sandbox environment -- rexec.RExec class was discussed in the
thread rexec question, where I raised some other questions.
The summary is: rexec (and sandboxing) is not so useful to perfect it. The
main advantages were made to rexec while Grail (Python-based browser with
Python applets) was in development.
Now there is not enough people to want sandboxing. So, if you need it, you
can invest in making it better. I am sure that Python is reflictive
enough to allow every aspect of execution controlled.
There is no necessity to apply 'private' or 'final' to be safe. The
necessary thing is to prevent use of functions/methods of C extensions
which can really do something harmful.
Sincerely yours, Roman Suzi
--
_/ Russia _/ Karelia _/ Petrozavodsk _/ rnd at onego.ru _/
_/ Saturday, August 11, 2001 _/ Powered by Linux RedHat 6.2 _/
_/ "After a hard day, it's nice to come home to a warm cat." _/
More information about the Python-list
mailing list