exec code with timeout?

Alex Martelli aleax at aleax.it
Mon Sep 8 11:42:46 CEST 2003


Graham Fawcett wrote:
   ...
>>preventing scripts from eating up all available RAM or simply never
>>terminating".  Preventing scripts from never terminating is exactly what
>>I am interested in.  (This isn't a halting problem kind of thing -- I
>>just want to unceremoniously kill exec-ed code that doesn't terminate in
   ...
> Hmm... well, again I'd suggest the PyThreadState_SetAsyncExc function. It
> shouldn't be that hard to wrap... I'd try it myself, but haven't made it
> to 2.3 yet.  :(

Nope -- the attacking script can easily use try/except to defeat attempts
to kill it via PyThreadState_SetAsyncExc .  The latter isn't meant for any
"adversarial" situation, but just for potentially _buggy_ threads.


> Or, if you're in Unix-land, how about forking? Let the user code
> run in the child fork, and let the other half take care of the timeout?
> It's easy to kill processes.

That's definitely the best way to go, particularly if you can couple
it with some mechanism such as the BSDs' "jail" concept -- let the
operating system deal with malicious processes (your task in terms of
architecture design then boils down to the inevitable one of defining
the "least-privileges" each given process absolutely HAS to have).


Alex





More information about the Python-list mailing list