Embedding a restricted python interpreter

Steve Holden steve at holdenweb.com
Thu Jan 6 16:40:59 CET 2005


Jp Calderone wrote:

[...]
> 
> 
>   A Python sandbox would be useful, but the hosting provider's excuse
> for not allowing you to use mod_python is completely bogus.  All the 
> necessary security tools for that situation are provided by the 
> platform in the form of process and user separation.

Not sure this is strictly true: mod_python gets loaded into the server's 
address space and gives the ability to add any type of handler. While 
Apache might well be able to respawn failed subprocesses, it's not 
something that most hosting providers would like to have to do all the 
time for many hosted sites.

regards
  Steve
-- 
Steve Holden               http://www.holdenweb.com/
Python Web Programming  http://pydish.holdenweb.com/
Holden Web LLC      +1 703 861 4237  +1 800 494 3119




More information about the Python-list mailing list