Secure Python

Diez B. Roggisch deets at nospam.web.de
Thu Nov 16 08:54:49 EST 2006


> 
> as posted before, linux kernel limit.
> 
> then you and your users can go as crazy as you want and you won't take
> out your system.
> 
> maybe you should think a little more before going on the attack like that.

You should maybe read a little bit more when making bold statements about
the feasibility of a sandboxed _PYTHON_. The OP wrote:

"""
I was thinking that maybe it could be possible to load and run untrusted
Python code, simply by loading it in a module with a modified version of
__builtins__. Without any reachable function that do unsafe operations,
code running from there shouldn't be able to do evil things.
"""

At least to me - and I presume pretty much everybody except you in this
thread - this means that he is interested in executing arbitrary pieces of
Python code inside the interpreter, which come from e.g. players who
customize the in-game behavior of their avatars.

Now how exactly does Linux (or any other resource limiting technique on any
OS) help here - killing the whole game server surely isn't a desirable
solution when one player goes berserk, be it intentionally or not.

It is a recurring and pretty much understandable request on c.l.py to be
able to do so - sometimes it arises in the disguise of killable threads.
But unfortunately the solution doesn't seem to be as simple as one would
wish.

Diez
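
The granularity point argued in this thread, as an added example that is not part of the original post: kernel resource limits apply to a whole process, so a runaway player script can only be stopped without losing the server if it runs in its own process. It assumes Linux and Python 3.7+; `run_untrusted`, `Result` and the limit values are hypothetical names and numbers chosen for illustration.

```python
import collections
import resource
import subprocess
import sys

Result = collections.namedtuple("Result", "status returncode stdout")


def _limits(cpu_seconds, mem_bytes):
    def apply():
        # Runs in the child after fork and before exec, so only the child
        # is limited; the server process that called us keeps its own limits.
        resource.setrlimit(resource.RLIMIT_CPU, (cpu_seconds, cpu_seconds))
        resource.setrlimit(resource.RLIMIT_AS, (mem_bytes, mem_bytes))
    return apply


def run_untrusted(source, cpu_seconds=1, mem_bytes=1 << 30, wall_seconds=10):
    """Run `source` in a separate interpreter under kernel resource limits."""
    try:
        proc = subprocess.run(
            [sys.executable, "-I", "-c", source],   # -I: isolated mode
            preexec_fn=_limits(cpu_seconds, mem_bytes),
            stdin=subprocess.DEVNULL, capture_output=True, text=True,
            timeout=wall_seconds)                   # catches sleeping scripts
    except subprocess.TimeoutExpired:
        return Result("timeout", None, "")
    if proc.returncode < 0:                         # terminated by a signal
        return Result("killed", proc.returncode, proc.stdout)
    status = "ok" if proc.returncode == 0 else "error"
    return Result(status, proc.returncode, proc.stdout)


if __name__ == "__main__":
    # Constructed sample scripts standing in for player-supplied code.
    samples = [
        ("well-behaved", "print(6 * 7)"),
        ("cpu hog", "while True: pass"),
        ("memory hog", "x = bytearray(4 << 30)"),
    ]
    for label, src in samples:
        print(label, run_untrusted(src))
    print("server process still running")
```

The limits bound CPU time and address space only; they do not restrict what files or network endpoints the child can reach, which needs separate OS-level confinement.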


