Secure embedding of Python
phr-n2001 at nightsong.com
Thu Sep 27 23:14:01 CEST 2001
Take a look at the rexec/Bastion documentation. It lets you run Python
applets in a secure container. However, you shouldn't rely on the
interpreter itself being bug free. It's possible that a sneaky enough
applet can find a way out of the Bastion container and run native code.
So you should make sure that your server that runs the applets is running
as a non-privileged user, in a chroot cage with no access to the rest
of the file system. If the applet has to access objects containing
secure data, use a remote object scheme to put the secure data in a
separate Unix procecss communicating with the applet through sockets.
I've written an encryption class that works like that (encryption keys
are generated and saved in a separate process from the caller), which
I'll be posting soon--it might be useful as an example, though the
implementation isn't that great.
More information about the Python-list