Security test of embedded Python
Chris Angelico
rosuav at gmail.com
Tue Jun 21 20:49:52 EDT 2011
I'm involved in the construction of an environment that allows end
users to supply scripts which will then run on our servers. We need to
be able to offer the full flexibility of a scripting language, but
without the risk of compromise to our computers. To that end, we have
set up a system with pretty much the same facilities as our live
system will have, and are offering this to the world to hammer on -
and requesting the world's assistance in hunting down bugs.
The environment is Python 3.3a0 embedded in C++, running on Linux.
It's currently home-hosted to keep things simple, with only one port
forwarded to it from our NAT router (so don't bother port scanning,
you aren't looking at Monty).
And yes, that's right. I have no imagination when it comes to names.
Our test box really is called Monty. And to sign up for our forums,
you'll need to prove you're a human by knowing that the name "Python"
goes with "Monty".
Launch page: http://www.pythontest.com/
PHPBB forum: http://www.pythontest.com/forum/
(feedback here please, no need to clutter the python-list)
Actual thing to whump into submission: http://www.pythontest.com:8000/
Find a bug, get noted as a contributor! :)
Thanks!
Chris Angelico
More information about the Python-list
mailing list