python without while and other "explosive" statements
Grant Edwards
grante at visi.com
Sun May 11 20:03:43 EDT 2008
On 2008-05-11, ivo talvet <ivo.talvet at gmail.com> wrote:
> Is it possible to have a python which not handle the execution of
> "while", "for", and other loop statements ? I would like to allow
> remote execution of python on a public irc channel, so i'm looking for
> techniques which would do so people won't be able to crash my computer
> (while 1: os.fork(1)), or at least won't won't freeze my python in a
> infinite loop, make it unresponsive.
The easiest thing to to is to limit the amount of files,
disk-space, file descriptors, inodes, memory, cpu, and
processes that the users are allowed. If bash is your shell,
the builtin "ulimit" provides most of those features. The file
system quota features provide the rest.
> Is there a compiling option (or better, something i can get
> with apt-get cos i think compiling myself and handle all the
> metastuff myself is somehow dirty) for have a "secure python"
> (you can guess what i mean by "secure" in my case) or must i
> touch myself the source disable some code lines ? If last
> solution, which modifications in which files should i do?
My advice is don't try to secure Python itself: secure the
environment in which the users are using it.
--
Grant Edwards grante Yow! Did I SELL OUT yet??
at
visi.com
More information about the Python-list
mailing list