Sandboxing Python
cryptic at heavytech.com
cryptic at heavytech.com
Wed Sep 6 20:20:04 EDT 2000
Howdy all!
I'm trying to determine if rexec actually does provide a bulletproof
restricted execution environment. I've read that Grail used it for
its applet system, but have found comments saying this wasn't very
secure, and have heard from friends that the security provided is
limited.
If rexec isn't it, is there a way to run arbitrary potentially
dangerous Python code in a sandbox? What with the CP4E effort and
Python's rapid growth, it seems like the perfect language for public
scripting APIs to software like shared virtual environments. But of
course this cannot happen unless Python can provide a safe environment
to interact with untrustworthy user code. How are people solving this
problem? Hopefully not with JPython... :)
Grateful for any clues,
Nick
A Very Excited New Python Programmer...
More information about the Python-list
mailing list