Restricted Execution of untrusted code
Roy Smith
roy at panix.com
Sun Nov 2 21:50:03 EST 2008
In article <87y701obgz.fsf at benfinney.id.au>,
Ben Finney <bignose+hates-spam at benfinney.id.au> wrote:
> "Emanuele D'Arrigo" <manu3d at gmail.com> writes:
>
> > On Nov 1, 12:44 am, Lawrence D'Oliveiro wrote:
> > > I think the most reliable solution is to take advantage of a level
> > > in the system that already has to provide protection against
> > > malicious code: use a chroot jail.
> […]
> >
> > [sigh] That sound a little overkill for a small application. I guess
> > somebody should come up with a sandbox version of python, that can
> > be executed, say, with a directory provided as a parameter and all
> > the os calls are never made above that level.
>
> That's exactly what a chroot jail *is*, except you don't need to wait
> for a special version of Python.
What's more, the kernel is in a much better position to understand how a
pathname maps to a location in the physical file system than any
application could. Should Python attempt to understand what it means to
traverse a symlink? A mount point?
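To make the point above concrete, here is an added example (not part of the original thread, and not code by any of the posters) contrasting an application-level "is this path inside my directory?" check with one that asks the kernel to resolve the path first. It builds its own constructed layout under a temporary directory: a "jail" directory containing a symlink that points back out to a sibling directory, which is the kind of case a pure string check never sees. The function names `naive_inside`, `resolved_inside` and `run_demo` are my own.

```python
import os
import tempfile


def naive_inside(root: str, candidate: str) -> bool:
    """String-prefix containment check.

    Only looks at the path text after normalisation; it never consults the
    filesystem, so it cannot know that a component is a symlink or a mount.
    """
    abs_root = os.path.abspath(root)
    abs_path = os.path.abspath(candidate)
    return abs_path.startswith(abs_root + os.sep)


def resolved_inside(root: str, candidate: str) -> bool:
    """Containment check after the kernel resolves symlinks and '..'.

    os.path.realpath follows every link (via lstat/readlink), so the result
    reflects where the path actually lands on the physical filesystem.
    """
    real_root = os.path.realpath(root)
    real_path = os.path.realpath(candidate)
    return os.path.commonpath([real_root, real_path]) == real_root


def build_demo() -> tuple[str, str]:
    """Constructed layout (hypothetical, created fresh in a temp dir):

        <base>/jail/link   -> <base>/outside     (symlink out of the jail)
        <base>/outside/secret.txt

    Returns (jail_dir, path_that_textually_looks_inside_the_jail).
    """
    base = tempfile.mkdtemp(prefix="jaildemo-")
    jail = os.path.join(base, "jail")
    outside = os.path.join(base, "outside")
    os.makedirs(jail)
    os.makedirs(outside)
    with open(os.path.join(outside, "secret.txt"), "w") as fh:
        fh.write("constructed sample content\n")
    os.symlink(outside, os.path.join(jail, "link"))
    # This path begins with the jail directory, so a text check accepts it,
    # yet the kernel will open <base>/outside/secret.txt.
    escaped = os.path.join(jail, "link", "secret.txt")
    return jail, escaped


def run_demo() -> tuple[bool, bool]:
    """Returns (naive_verdict, resolved_verdict) for the symlinked path."""
    jail, escaped = build_demo()
    return naive_inside(jail, escaped), resolved_inside(jail, escaped)


if __name__ == "__main__":
    naive, resolved = run_demo()
    print(f"naive string check says inside jail: {naive}")      # True
    print(f"realpath-based check says inside jail: {resolved}")  # False
```

Even the realpath-based version is only a snapshot: the link can be changed between the check and the subsequent open, and it still knows nothing about mount points, bind mounts or what a later `..` does at a filesystem boundary. That is the practical force of the argument in this thread: letting the kernel enforce the boundary (a chroot jail, which `os.chroot` exposes but which needs root privileges and so is not run here) removes a whole class of path-interpretation questions from the application.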