Challenge: escape from the pysandbox

Daniel Fetchinson fetchinson at googlemail.com
Sun Feb 28 17:40:59 EST 2010


>>I guess they also have some kind of a sandbox if they let people run
>>python on their machines, I'm not sure if it's open source though.
>
> Thing is, I'm sure that Google uses a critical backstop to any
> Python-based sandbox: something like a chroot jail.  The Python sandbox
> is mostly there to inform you about what you can and can't do; the real
> security is provided by the OS.

I see, makes perfect sense. This then raises the question whether it's
important to have a 100% fool proof python sandbox without help from
the OS, or this goal is not only too ambitious but also not really a
useful one. One aspect might be that one might want to have a platform
independent way of sandboxing, perhaps.

Cheers,
Daniel


-- 
Psss, psss, put it down! - http://www.cafepress.com/putitdown



More information about the Python-list mailing list