Timothy J. Wood
tjw at omnigroup.com
Sat Oct 19 04:48:08 CEST 2002
On Friday, October 18, 2002, at 07:14 PM, Erik Max Francis wrote:
> This isn't really a security issue unless people can dynamically
> Python scripts that execute on _other_ peoples' machines. Having a
> scriptable engine doesn't mean that the scripts need to have security
> protections in place, unless that engine will be running in some
> entrusted location and untrusted scripts are what you plan to run.
As a script writer you will be able to make scripts available for
people to download -- but you won't be able to 'dynamically install'
them on someone else's machine. But the distinction is moot, really,
since most game players will be ignorant of the security implications
of various constructs and shouldn't be expected to do a security audit
of some code to play a new game type.
> If that is the case, then Python is really not a good choice; but then,
> very few languages would be suitable. Even security conscious
> usually can't protect you from mundane, malicious attacks, such as busy
> wait loops, or allocating objects to fill up memory, or spawning
> processes/threads to fill up process tables.
Sure -- all the resource-based DoS problems will still exist, but
these at least don't corrupt or expose any of the user's information.
They can kill the application, uninstall that game type and never play
I've also looked at Ruby a bit, but was put off by the relative
immaturity of their implementation, GC, and such. Perl seems a little
too big to be a suitable option. Java would be nice security-wise, but
the GC issues probably would probably make it unsuitable. I've not
looked at Lua in much detail, but what I did see didn't please me too
Really, I want the Ruby language, with some of Python's
implementation maturity and Java's security model. Clearly, I'm going
to be disappointed :), but I'm willing to do some work to make Python
do what I want (and hopefully this will help someone else out in the
More information about the Python-list