exec code with timeout?
Alex Martelli
aleax at aleax.it
Mon Sep 8 05:42:46 EDT 2003
Graham Fawcett wrote:
...
>>preventing scripts from eating up all available RAM or simply never
>>terminating". Preventing scripts from never terminating is exactly what
>>I am interested in. (This isn't a halting problem kind of thing -- I
>>just want to unceremoniously kill exec-ed code that doesn't terminate in
...
> Hmm... well, again I'd suggest the PyThreadState_SetAsyncExc function. It
> shouldn't be that hard to wrap... I'd try it myself, but haven't made it
> to 2.3 yet. :(
Nope -- the attacking script can easily use try/except to defeat attempts
to kill it via PyThreadState_SetAsyncExc . The latter isn't meant for any
"adversarial" situation, but just for potentially _buggy_ threads.
> Or, if you're in Unix-land, how about forking? Let the user code
> run in the child fork, and let the other half take care of the timeout?
> It's easy to kill processes.
That's definitely the best way to go, particularly if you can couple
it with some mechanism such as the BSDs' "jail" concept -- let the
operating system deal with malicious processes (your task in terms of
architecture design then boils down to the inevitable one of defining
the "least-privileges" each given process absolutely HAS to have).
Alex
More information about the Python-list
mailing list