Secure Python

timmy timothy at open-networks.net
Thu Nov 16 19:11:38 EST 2006 

Diez B. Roggisch wrote:
>>as posted before, linux kernel limit.
>>
>>then you and your users can go as crazy as you want and you won't take
>>out your system.
>>
>>maybe you should think a little more before going on the attack like that.
> 
> 
> You should maybe read a little bit more when making bold statements about
> the feasibility of a sandboxed _PYTHON_. The OP wrote:
> 

there is nothing preventing you putting limits on the resources each 
process uses, on just about any modern day OS

> At least to me - and I presume pretty much everybody except you in this
> thread - 

Oh no i understand perfectly what he wants, i merely suggest a simple OS 
based solution.

this means that he is interested in executing arbitrary pieces of
> python code inside the interpreter, which comes from e.g. players who
> customize their in-game behavior of their avatars. 
> 
> Now how exactly does linux (or any other resource limiting technique on any
> OS) help here - killing the whole game server surely isn't a desirable
> solution when one player goes berserk, might it be intentionally or not.

resource managment does not kill anything it merely prevents one process 
running away and consuming the whole server. this is EXACTLY what he is 
afraid of.
if he intends on running arbitrary code then i suggest he spawns each 
one as a seperate thread with a spefic name and merely set limits on all 
  processes named X. that way he can run any whacky code he wants safely 
inside those processes without fear of any one of them crashing the 
server. I know it can be done under any of the nix's, I'm not sure how 
to do so under windows, but it could probably be done.

> 

> It is a recurring and pretty much understandable request on c.l.py to be
> able to do so - sometimes it arises in the disguise of killable threads.
> But unfortunately the solution doesn't seem to be as simple as one would
> wish.

i can understand people wanting an application based cross platform 
solution to this, but i'm yet to see anything practicle hence i suggest 
and OS based solution.

> 
> Diez

More information about the Python-list mailing list