Is python buffer overflow proof?

Paul Rubin http
Tue Aug 4 09:56:05 CEST 2009


Steven D'Aprano <steven at REMOVE.THIS.cybersource.com.au> writes:
> The point is that code you write yourself can rely on "pure Python" to be 
> free of buffer-overflows (for some definition of "rely") rather than 
> having to worry about managing memory yourself.

Right.  Basically the Python interpreter protects you reasonably well
from silly errors.  The interpreter hasn't had anywhere near the level
of hardening required to claim to protect you from diabolically clever
malicious code running in the same interpreter as your sensitive
application.  The Rexec/Bastion modules were basically swiss cheese.



More information about the Python-list mailing list