Secure Python

Hendrik van Rooyen mail at microcorp.co.za
Fri Nov 17 08:57:04 EST 2006


"Stephan Kuhagen" <nospam at domain.tld> wrote:


> The problem with linux kernel limits is that they won't work really well
> on MacOSX and Windows... OTOH the idea is the right one, but the effect can
> be achieved inside of Python, since Python does byte compile the code and
> the interpreter evaluates each byte code token in one evaluation step. The
> interpreter could be extended for such use cases to count and limit the
> number of evaluation steps allowed for untrusted script or methods in
> untrusted script as well as to limit the recursion depth or memory to be
> allocated. All those limits are managed by the interpreter for script code
> and hence can be limited for untrusted code by the interpreter. This also
> does not really make DoS impossible (what about C extensions? - maybe
> restricting "import"?). - As I said before in this thread, making a sandbox
> really secure is a hard job, and may need some serious changes in the
> Python interpreter, but AFAIK from Tcl, it is possible - and would be nice
> to have.

I seem to recall previous discussion on this group about a thing called the
bastion module, and that it was deprecated. Not sure if it has any relevance.

- Hendrik
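As an added example (not part of the original post, and not CPython's own sandboxing machinery), here is one way to approximate the step and recursion limits the quoted message proposes without changing the interpreter: sys.settrace together with the frame's f_trace_opcodes flag (CPython 3.7+) delivers one event per bytecode instruction, so a trace function can count them and abort past a budget, and sys.setrecursionlimit caps call depth relative to the current stack. The workloads sum_to and recurse_forever are constructed stand-ins for untrusted code, and the budget numbers are arbitrary. As the quoted message itself warns, this is not a security boundary: a C extension or a single opcode that calls a long-running builtin costs one step no matter how long it runs, a bare except: in the untrusted code can swallow the abort, and memory is not limited at all.

```python
import sys


class StepBudgetExceeded(BaseException):
    """Raised when untrusted code exceeds its bytecode budget.

    Derived from BaseException so that an ordinary ``except Exception:``
    inside the untrusted code does not swallow it (a bare ``except:`` still can).
    """


def _current_depth():
    """Count the Python frames currently on the stack."""
    depth = 0
    frame = sys._getframe()
    while frame is not None:
        depth += 1
        frame = frame.f_back
    return depth


def run_with_budget(func, max_steps, max_depth=100):
    """Run func() under a bytecode-step budget and a recursion cap.

    Returns (result, steps_used). Raises StepBudgetExceeded when more than
    max_steps bytecode instructions execute, and RecursionError when the
    call stack grows more than max_depth frames beyond the caller.
    """
    steps = 0

    def tracer(frame, event, arg):
        nonlocal steps
        if event == "call":
            # Ask CPython for per-opcode events in this new frame (3.7+).
            frame.f_trace_opcodes = True
        elif event == "opcode":
            steps += 1
            if steps > max_steps:
                # Raising here propagates into the traced frame and disables tracing.
                raise StepBudgetExceeded(
                    "exceeded budget of %d bytecode steps" % max_steps)
        return tracer

    old_limit = sys.getrecursionlimit()
    sys.setrecursionlimit(_current_depth() + max_depth)
    sys.settrace(tracer)
    try:
        result = func()
    finally:
        # Always restore the interpreter-wide state we changed.
        sys.settrace(None)
        sys.setrecursionlimit(old_limit)
    return result, steps


# Constructed "untrusted" workloads used to exercise the three outcomes.
def sum_to(n):
    """A plain loop; cost grows with n."""
    total = 0
    for i in range(n):
        total += i
    return total


def recurse_forever(n=0):
    """Never terminates on its own; only the depth cap stops it."""
    return recurse_forever(n + 1)


def demo():
    """Run each workload and report which limit, if any, fired."""
    out = {}
    result, used = run_with_budget(lambda: sum_to(10), max_steps=100_000)
    out["ok"] = (result, used > 0)
    try:
        run_with_budget(lambda: sum_to(10 ** 7), max_steps=10_000)
        out["loop"] = "finished"
    except StepBudgetExceeded:
        out["loop"] = "step budget hit"
    try:
        run_with_budget(recurse_forever, max_steps=10 ** 7, max_depth=50)
        out["recursion"] = "finished"
    except RecursionError:
        out["recursion"] = "depth cap hit"
    return out


if __name__ == "__main__":
    print(demo())
```

The step counter is per interpreter thread (sys.settrace is thread-local), so untrusted code that spawns threads escapes it; a real sandbox would also need to deny `threading`, `import` of C extensions and the like, which is the part of the job the quoted message calls hard.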