Embedding a restricted python interpreter

[Paul Rubin]

Peter Maas <peter at somewhere.com> writes:
> I think PHP has a safe mode which solves the probem of isolating
> scripts of different users on application level. This is not optimal
> but better than nothing. Best solution would probably be to create
> a thread for each request that can operate only with the id of an
> authenticated user. But this seems to be a problem with Apache or
> with Linux?

Threads wouldn't do it--you'd need separate processes.  For example,
multiple threads in the same process can access each other's file
descriptors.