tjreedy at udel.edu
Thu Mar 30 04:51:07 CEST 2006
"Michael Tobis" <mtobis at gmail.com> wrote in message
news:1143675907.958211.253820 at j33g2000cwa.googlegroups.com...
> I refer you in particular to these messages from BDFL:
This one says that new style classes in 2.2 opened a new, sizable, security
hole. One can avoid this by running 2.1.
This one says that he doubts that Python will ever reach a level of no
security flaws. And that he does not want to spend his life just getting
> So what is the scoop? Why does Guido say there is no such thing as a
> secure Python, and (as is generally reasonable) presuming he is correct
> on the matter, how can these sites work safely?
There are, of course, degrees of security. Any site can choose to operate
with a lesser degree than Guido would accept for a 'secure Python' release.
If I were running a publicly available site, I would run Python under *nix
with someone with some security admin experience. I would use a dedicated
machine from a few years ago not needed for anything else. I would have
the full installation backed up on a bootable CD or DVD. I would expect
most visitors to not pee in the fountain. And I would expect to have to
reinstall occasionally when someone did.
And I would at least remove all the net access and protocol modules and
worry about making sure that the interpreter had no access to the system
net resources so as to not be a vehicle for damaging other machines.
Terry Jan Reedy
More information about the Python-list