Sandboxes

Magnus Lycka lycka at carmen.se
Mon Aug 22 10:09:03 CEST 2005


42 wrote:
> Fair enough. I'm more or less ready to 'give up' on this fantasy of 
> python in a sandbox. I'll either use something else, or just accept the 
> risk. :)

But is the scripting language interpreter the right place to put
this? After all, almost any language would allow you to write
something like an infinite loop, which might hog resources unless
there is "something" outside the script that manages resources in
such a way that this is not a problem.

I've said this before: It seems to me that this sandboxing should
be done by the operating system. If the script runs in something
like a chrooted environment, or with very restricted user permissions,
it's difficult to do a lot of damage. E.g. if it runs as a user with
no rights to execute, read or write files except those explicitly
needed to get the scripts running, you're no worse off than if you
allow the same user to log on to the machine with such limited
ability.

Right? Or have I missed something significant here?



More information about the Python-list mailing list