Running insecure python code

Mark 'Kamikaze' Hughes kamikaze at kuoi.asui.uidaho.edu
Fri Mar 5 20:35:12 EST 2004 

Bob Ippolito <bob at redivi.com>
wrote on Fri, 5 Mar 2004 11:07:47 -0500:
> On 2004-03-04 16:04:25 -0500, kamikaze at kuoi.asui.uidaho.edu (Mark 
> 'Kamikaze' Hughes) said:
>> Bob Ippolito <bob at redivi.com>
>> wrote on Fri, 27 Feb 2004 18:57:55 -0500:
>>> You can try looking into PyPy or something.  In practice, an 
>>> interpreter written in Python is probably going to be far too slow to 
>>> be used for any sort of modern game.
>>   You could translate your more limited scripting language into Python,
>> and then eval it.  This should be reasonably fast, and if you're careful
>> not to pass unescaped strings from the player through to Python, it
>> should be secure.
>>   For maximum fun, the limited scripting language should be a subset of
>> Python.
> You have to be awfully careful about resource consumption (long 
> strings, infinite loops, etc)...
> It wouldn't be trivial to do correctly, let's leave it at that.

  There are two possibilities.  The first is that resource consumption
is irrelevant to your concerns, you just want something that can't 'rm
-rf' your files.  If the user runs you out of memory, so what?  If the
user eats a lot of CPU time, so what?  You kill the app, and it goes
away (if your OS's task switching is so primitive that you can't kill a
CPU-eating app, the problem is not in the scripting language).  This is
very easy to provide, and in real scripting applications this is all you
need 99.9% of the time.

  The second, which exists only in very theoretical ivory-tower
discussions and will never be found in the wild, is that you do care
about loops, recursion, and memory hogging.  Even so, this is a little
harder, but not by much.  You check all the strings, you check the range
of all loops, your custom list class checks maximum sizes before
appending, and you don't allow any cycles in function-calling graphs.

-- 
 <a href="http://kuoi.asui.uidaho.edu/~kamikaze/"> Mark Hughes </a>
"Doing the impossible makes us mighty." -Captain Malcolm Reynolds, Firefly

More information about the Python-list mailing list