Any way to restrict execution with regard to execution time??
Tim Peters
tim.one at home.com
Wed Jan 17 17:06:31 EST 2001
[rturpin at my-deja.com]
> The restricted execution module let's you run untrusted code
> in a fashion that gives it only guarded access to the file
> system, operating system services, and other important
> resources. However, it provides no guard for the most important
> resource: execution time. The moment untrusted code is
> invoked by r_exec, it can go into an infinite loop.
> ...
> How can C1 run C2 guaranteeing that C2's execution is
> interrupted after some finite amount of time, if it hasn't
> finished by then? C2 is from an untrusted source, so the
> answer cannot be phrased in terms of how C2 is written. I'd be
> much obliged to anyone who can tell me how to do this!
How would you accomplish this in C? Same thing.
Since Python runs arbitrary C code in 3rd-party extension modules too
(trusted or not), there's nothing Python can do for you here on its own.
Python isn't an OS. The only semi-portable approach I know of is to spin
off C2 into a separate *process*, and use native OS process-peeking
facilities to monitor its resource use (time isn't the only thing you should
be worried about -- disk use, # of network connections, memory use, yadda
yadda), and native OS process-killing facilities to punish the wicked.
no-magic-here-ly y'rs - tim
More information about the Python-list
mailing list