rexec questions

Roman Suzi rnd at onego.ru
Tue Aug 7 16:01:36 EDT 2001 

On Tue, 7 Aug 2001, Alex Martelli wrote:

>"Roman Suzi" <rnd at onego.ru> wrote in message
>news:mailman.997127183.21245.python-list at python.org...
>    ...
>> >because there isn't much current interest in controlled execution
>> >of untrusted Python code, so rexec didn't (I think) mature much
>> >after work on Grail more or less stopped.
>>
>> I've heard Mozilla will have Python applets. How will it
>> rexec them?
>
>Do you have an URL?  I'd like to investigate that -- with
>google I can only find it expressed as a wish.  Presumably
>Mozilla could easily restrict Python applets *strongly*,
>by forbidding things very broadly (just as, say, javascript
>code embedded in dynamic-HTML pages is restricted -- it
>can interact with the DOM of the HTML page, and that's
>just about it).

It's a pity it remains vapourware. Probably Mozilla projects
has more urgent things to solve. But for a year already I was
pretty sure Mozilla will support Perl & Python applets...
Was it, as you put it brainwashing?

>> >But there are surely
>> >other interesting applications for sandboxes for untrusted code,
>> >so it may be time to design and implement a rexec2 successor,
>> >building upon rexec to add easier customization of security
>> >(controlled imports of non-builtin modules too, connections
>> >only to hosts on a trusted list, whatever...).
>>
>> That is what Java's Security Manager (sp?) does. This can
>> probably be explained by Python's usage areas. Python is
>> not used in applets extensively (if at all).
>
>Since Grail's demise, I do agree that Python isn't often
>used to run untrusted code; when it is, I guess rexec's
>simple (if draconian) policies suffice, more or less.

Recent outburst of viruses I hope will make software vendors (and OS
vendors too) to rethink security considerations. Modern OSes (IMHO) have
very poor security granularity in them which lead to great chances of
getting malicious code. I read somewhere in some review on the Net that
there need be hardcoded trust-based software execution model with
well-defined bondaries what can do what. rexec is very good model of it
albeit inside Python world. Only network side is lacking...


Sincerely yours, Roman Suzi
-- 
_/ Russia _/ Karelia _/ Petrozavodsk _/ rnd at onego.ru _/
_/ Tuesday, August 07, 2001 _/ Powered by Linux RedHat 6.2 _/
_/ "All work and no play, will make you a manager." _/

More information about the Python-list mailing list