[Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)

Jon Ribbens jon+python-dev at unequivocal.co.uk
Sun Apr 10 12:43:08 EDT 2016


On Sat, Apr 09, 2016 at 02:43:19PM +0200, Victor Stinner wrote:
>    Please don't lose time trying yet another sandbox inside CPython. It's
>    just a waste of time. It's broken by design.
> 
>    Please read my email about my attempt (pysandbox):
>    https://lwn.net/Articles/574323/
> 
>    And the LWN article:
>    https://lwn.net/Articles/574215/
> 
>    There are a lot of safe ways to run CPython inside a sandbox (and not the
>    opposite).
> 
>    I started as you did, adding more and more things to a blacklist, but it
>    doesn't work.

That's the opposite of my approach though - I'm starting small and
adding things, not starting with everything and removing stuff. Even
if what we end up with is an extremely restricted subset of Python,
there are still cases where that could be a useful tool to have.

I've read your links above, and indeed everything I can find written
by anyone about historical attempts to sandbox Python. I'm aware that
others have tried and failed at this in the past, so it's certainly
true that there is room for suspicion that this simply cannot be done.

However on the other hand, nobody has tried before to do what I am
doing (static code analysis), so it's not necessarily a safe
assumption that the idea is doomed. For example, as far as I can see,
none of the methods used to break out of your pysandbox would work to
break out of my experiment.

