[Python-Dev] Sandboxing Python
Victor Stinner
victor.stinner at gmail.com
Fri Mar 9 01:38:11 CET 2012
On 01/03/2012 22:59, Victor Stinner wrote:
>> I challenge anymore to break pysandbox! I would be happy if anyone
>> breaks it because it would make it more stronger.
Results, one week later. Nobody found a vulnerability giving access to
the filesystem or to the sandbox.
Armin Rigo complained that CPython has known "crasher" bugs. Except of
the compiler recursion, I fixed those bugs in CPython 3.3.
Serhiy Storchaka found a bug in the pysandbox timeout: long operations
implemented in C hangs the sandbox, the timeout contrain is not applied.
Guido proposed to abort the process (use the default SIGALRM action). I
proposed to add an option to use a subprocess. Both solutions are not
exclusive.
Armin Rigo also noticed that PyPy sandbox design is more robust than
pysandbox design, I agree with him even if I think a CPython sandbox is
useful and users ask for such protection.
I have no idea how many developers tried to break the pysandbox security.
Victor
More information about the Python-Dev
mailing list