Running insecure python code

Bob Ippolito bob at redivi.com
Fri Feb 27 18:57:55 EST 2004 

You can try looking into PyPy or something.  In practice, an 
interpreter written in Python is probably going to be far too slow to 
be used for any sort of modern game.

You're probably better off just not worrying about the "safety" and 
giving them regular Python.  When something secure and/or sufficiently 
multistate exists, you could migrate.

There is also the possibility of running these user tasks in separate 
processes altogether (or in just one) and brokering objects between the 
two (i.e. sending pickles, or something more sanitized if you're REALLY 
concerned about security).  This would let you use operating system 
facilities to monitor the resource consumption and would give you the 
same kind of security that you have between any two separate processes. 
 The IDLE IDE actually does something like this for running an 
interpreter, and I believe it can even do debugging this way.

-bob

On 2004-02-27 16:39:36 -0500, Noen <not.available at na.no> said:

> Bob Ippolito wrote:
> Perhaps writing a new script language using the builtin parser module
> would solve the problems... Any pre-made scripting languages written in
> python out in the wild?
> 
> | On 2004-02-26 21:21:37 -0500, "Terry Reedy" <tjreedy at udel.edu> said:
> |
> |>
> |> "Noen" <not.available at na.no> wrote in message
> |> news:hQq%b.41604$BD3.8026233 at juliett.dax.net...
> |>
> |>> Im developing a game where the players will program their equipment with
> |>> python. Are there any ways to run insecure code?
> |>
> |>
> |> safely, without letting
> |>
> |>  > clients mess with the server-code through their own code, or even DOS
> |> the box
> |>
> |>> by using up too much memory.
> |>
> |>
> |> There have been several threads on this topic.  Quick answer: nothing as
> |> good as you would want.  Stackless, with its tasklets, may be your
> |> best bet
> |> once updated to run with 2.3.3.
> |
> |
> | Even with stackless, you're not going to be able to stop them from using
> | "too much memory".  Besides, you can't stop a determined and experienced
> | python hacker from getting ANYTHING (even if it's written in C) ;)
> |
> | Stackless 3.0 (Python 2.3.3) compiles and works just fine from CVS HEAD,
> | and I believe windows binaries are even available.  Of course,
> | documentation is lacking, and we're planning to do quite a bit of stuff
> | during the sprints next month.. but it's good enough to use if you
> want to.

More information about the Python-list mailing list