Simple Python Sandbox
Steven D'Aprano
steve at REMOVE-THIS-cybersource.com.au
Sat Aug 14 20:09:19 EDT 2010
On Sat, 14 Aug 2010 12:56:45 -0700, Stephen Hansen wrote:

>> I suggest that if the untrusted code is only supposed to be simple and
>> limited, you would be best off to write your own "mini-language" using
>> Python syntax.
>
> I considered it and rejected it. The return from the effort required
> doesn't even vaguely come close to making it worth it.

I suppose that depends on how simple the untrusted code will be, but I
guess you're in the best position to make that call.

> My worst case
> fall-back plan is to embed /another/ language (be it Lua or JavaScript
> through V8) and offer it a very limited environment. But I don't want to
> do that (and considering I solved the while True: pass problem last
> night, I'm pretty sure I won't decide to).

I assume you mean you've solved the problem of DOS attacks from users
running infinite loops. How did you do that?

--
Steven