Replacing rexec
Moshe Zadka
m at moshez.org
Thu Jul 17 09:14:02 EDT 2003
[Aahz]
> require forking the code. Note that it's already too easy to write a
> DoS attack against Python: 100L**100**100 will do it. Conversely, if
> only trusted code is going into the server, there's no need for rexec.
[John J. Lee]
> I don't see how it's possible to prevent that, whatever language
> you're using.
Limits on memory and CPU ticks used by untrusted code.
This brand new, cutting edge technology is not yet available, and
LambdaMOO was, of course, a product of Guido misusing the time-machine.
Which doesn't exist itself, either.
--
Moshe Zadka -- http://moshez.org/
Buffy: I don't like you hanging out with someone that... short.
Riley: Yeah, a lot of young people nowadays are experimenting with shortness.
Agile Programming Language -- http://www.python.org/
More information about the Python-list
mailing list