Try Python!

Serge Orlov Serge.Orlov at gmail.com
Thu Mar 30 08:00:10 CEST 2006


Michael Tobis wrote:
> We had some discussion of this in the edu-sig meeting at PyCon.
>
> I alleged that I had read that there is no such thing as a Python
> sandbox. Others claimed that one could simply preprocess and disallow
> "dangerous" constructs. My allegation was based on an argument from
> authority; I recalled reading the assertion from one of the c.l.p.
> regulars that I consider authoritative, though I don't remember which
> (Frederick, Alex, Aahz perhaps?).
>
> This is all in relation to why the rexec module went away, and is
> certainly relevant to what can be achieved in the sphere of teaching
> with python in general, and teaching python with python in particular.
>
> I refer you in particular to these messages from BDFL:
>
> http://mail.python.org/pipermail/python-dev/2002-December/031246.html
>
> http://mail.python.org/pipermail/python-dev/2002-December/031251.html
>
> So what is the scoop? Why does Guido say there is no such thing as a
> secure Python, and (as is generally reasonable) presuming he is correct
> on the matter, how can these sites work safely?

They should rely on the OS ability to restrict processes: set max
amount of physical and virtual memory used by the process, disable file
system access, disable sending of signals, set max amount of CPU time,
disable creation of new processes, etc... 

  Serge.




More information about the Python-list mailing list