Safe eval?

Erno Kuusela erno-news at erno.iki.fi
Wed Apr 17 06:31:42 EDT 2002


In article <Ms9v8.22165$b62.626694 at news1.tin.it>, Alex Martelli
<aleax at aleax.it> writes:

| Paul Rubin wrote:
|| "Philipp Lenssen" <lenssen at hitnet.rwth-aachen.de> writes:
||| Is it possible to have a safe eval() on the server-side even when the
||| string consists of submitted user data?
|| 
|| Well, look at the docs for the rexec (restricted execution) and Bastion
|| classes, but basically no, there's no safe way.  Rexec doesn't stop an
|| infinite loop from hosing your cpu.

| If you have to watch for that, forking and running the DoS risk in the
| child process can help -- the parent process needs to keep an eye
| over the resources (mostly, time) being used by the child process and
| be ready to kill it if need be.  Simple, it ain't.

you can use resource limits - then it's pretty simple. both cpu time
and memory usage can be restricted using the resource module (remember to
use the hard limit).

it used to be the case that on linux only the address space
and stack limits were respected, i don't know if that's the
case any more. but address space works, unless you want
to mmap big files or somesuch.

  -- erno
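
An added example, not part of the original post: the fork-and-limit approach discussed in this thread, combining hard limits set in the child through the resource module with a wall-clock watchdog in the parent. The function name `run_limited`, its default limits and the result format are assumptions made for illustration; it is Unix-only.

```python
import os, resource, select, signal

def _cap(which, value):
    # Set soft == hard so the child cannot raise the limit again;
    # never ask for more than the hard limit already in force.
    hard = resource.getrlimit(which)[1]
    if hard != resource.RLIM_INFINITY:
        value = min(value, hard)
    resource.setrlimit(which, (value, value))

def run_limited(expr, cpu_seconds=1, mem_bytes=1 << 30, wall_seconds=5):
    """Evaluate expr in a forked child under hard CPU and address-space limits.

    Returns ("ok", repr), ("error", exception name) or ("killed", signal name).
    The limits bound resource use only; they do not restrict what expr can do.
    """
    r, w = os.pipe()
    pid = os.fork()
    if pid == 0:                                  # child
        status = 1
        try:
            os.close(r)
            _cap(resource.RLIMIT_CPU, cpu_seconds)
            _cap(resource.RLIMIT_AS, mem_bytes)
            try:
                out = "ok:" + repr(eval(expr))
            except BaseException as exc:          # MemoryError lands here
                out = "error:" + type(exc).__name__
            os.write(w, out.encode()[:4096])
            status = 0
        finally:
            os._exit(status)                      # never return into parent code
    os.close(w)
    # RLIMIT_CPU counts CPU time only, so a sleeping child needs a wall-clock cap.
    ready, _, _ = select.select([r], [], [], wall_seconds)
    if not ready:
        os.kill(pid, signal.SIGKILL)
    with os.fdopen(r, "rb") as pipe:
        data = pipe.read()
    _, wstatus = os.waitpid(pid, 0)
    if os.WIFSIGNALED(wstatus):
        return ("killed", signal.Signals(os.WTERMSIG(wstatus)).name)
    kind, _, text = data.decode(errors="replace").partition(":")
    return (kind, text)
```

A CPU-bound loop ends with the child killed by the kernel, an oversized allocation surfaces as `MemoryError` inside the child, and a sleeping child is killed by the parent once `wall_seconds` pass.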


