limited python virtual machine (WAS: Another scripting language implemented into Python itself?)
Jack Diederich
jack at performancedrivers.com
Wed Jan 26 14:17:20 EST 2005
On Wed, Jan 26, 2005 at 10:23:03AM -0700, Steven Bethard wrote:
> Jack Diederich wrote:
> >Yes, this comes up every couple months and there is only one answer:
> >This is the job of the OS.
> >Java largely succeeds at doing sandboxy things because it was written that
> >way from the ground up (to behave both like a program interpreter and an
> >OS).
> >Python the language was not, and the CPython interpreter definitely was
> >not.
> >
> >Search groups.google.com for previous discussions of this on c.l.py
>
> Could you give some useful queries? Every time I do this search, I get
> a few results, but never anything that really goes into the security
> holes in any depth. (They're ususally something like -- "look, given
> object, I can get int" not "look, given object, I can get eval,
> __import__, etc.)
A search on "rexec bastion" will give you most of the threads,
search on "rexec bastion diederich" to see the other times I tried to
stop the threads by reccomending reading the older ones *wink*.
Thread subjects:
Replacement for rexec/Bastion?
Creating a capabilities-based restricted execution system
Embedding Python in Python
killing thread ?
-Jack
More information about the Python-list
mailing list