Secure Python

Steven D'Aprano steve at REMOVEME.cybersource.com.au
Thu Nov 16 09:45:18 CET 2006


On Thu, 16 Nov 2006 17:44:37 +1000, timmy wrote:

> congraulations you have discovered loops and their misuse

Did you have a point in your utterly inane comment, or did you just want
to see your name on Usenet?

In any case, it isn't just "loops" that are dangerous.

print 2**512**512

No loop there, but it will operate as a lovely DoS attack if you run it.

The Original Poster is suggesting running UNTRUSTED code. That means you
have to assume that it will be actively hostile, but even if it isn't
deliberately hostile, there will be bugs which the developer can't control.

He wants to run this untrusted (hostile or buggy or both) code in an
environment where it can't do bad things. "Bad things" include Denial of
Service attacks. So, Timmy, let's hear your brilliant scheme for
preventing DoS attacks when running hostile code in Python.



-- 
Steven D'Aprano 




More information about the Python-list mailing list