Safe eval?
Alex Martelli
aleax at aleax.it
Wed Apr 17 03:26:36 EDT 2002
Paul Rubin wrote:
> "Philipp Lenssen" <lenssen at hitnet.rwth-aachen.de> writes:
>> Is it possible to have a safe eval() on the server-side even when the
>> string consists of submitted user data?
>
> Well, look at the docs for the rexec (restricted execution) and Bastion
> classes, but basically no, there's no safe way. Rexec doesn't stop an
> infinite loop from hosing your cpu.
If you have to watch for that, forking and running the DoS risk in the
child process can help -- the parent process needs to keep an eye
over the resources (mostly, time) being used by the child process and
be ready to kill it if need be. Simple, it ain't.
> Why do you want to eval strings from untrusted users?
Can't answer for the OP, but applets/plugins are a nice concept for
a larg app, and it's nice, if feasible, to let end-users just download
and try plugins from 3rd parties if a way can be found to avoid having
the end-user examine and validate them. In such a situation the risk
of having an errant or malignant plugin get into a loop might even be
acceptable, as long as no damage can result to persistent data and
the end-user can still hit some button to terminate operations.
Alex
More information about the Python-list
mailing list