Now that rexec is gone...
Rainer Deyke
rainerd at eldwood.com
Sat Sep 27 14:46:22 EDT 2003
Alex Martelli wrote:
> Actually, such a "butchered" Python interpreter might be a fun and
> useful project indeed. You would have to add programmable limits on
> resource consumptions -- e.g., memory allocatable by the script[s],
> time (CPU or maybe elapsed) usable thereby, etc. And you should
> rename everything, say to use Qy instead of Py, so that a normal and a
> butchered interpreter could easily be embedded in the same program.
That might be a useful project, but it also sounds like a lot of work. I
don't think I'll be going that route.
As it turns out, I can solve my security problem in a different way
entirely: by confirming that any Python code I run is from a trusted source.
No need to run untrusted code at all.
--
Rainer Deyke - rainerd at eldwood.com - http://eldwood.com
More information about the Python-list
mailing list