Executing untrusted code

Emanuele D'Arrigo manu3d at gmail.com
Fri Aug 7 11:15:08 EDT 2009


Greetings everybody,

I've been reading and mulling about Python and security, specifically
in terms of executing code that may or may not be trustworthy. I
understand that libraries such as Rexec and Bastion are now deprecated
because they have known vulnerabilities that may be exploited to
circumvent the restrictions imposed.

So, am I right in understanding that it is not possible to execute a
piece of code in a way that limits the objects and attributes that it
can access or that limits its access to file system and sockets? Are
there best practices to at least minimize some of the risks associated
with untrusted code execution?

And whatever happened to this:

http://sayspy.blogspot.com/2007/05/i-have-finished-securing-python.html

seemed to be a step forward in the right direction!

Manu


