Creating a capabilities-based restricted execution system
Sat Jan 3 10:09:04 CET 2004
"Sean R. Lynch" <seanl at chaosring.org> writes:
> Does anyone think I'm going in completely the wrong direction here? Am
> I missing anything obvious?
Well, I have a dumb question. Have you studied the security failures
of rexec/Bastion and convinced yourself that they don't happen to your
You might look at the PyPy architecture doc if you haven't yet.
Making a separate object space for restricted objects may fit PyPy's
design quite naturally.
More information about the Python-list