Creating a reliable sandboxed Python environment

Modulok modulok at gmail.com
Sat May 30 21:08:37 EDT 2015


While this thread is indeed a theoretical discussion of the interpreter,
for a practical solution where you control the host environment, one might
look into OS level sandboxing like FreeBSD's Jails (not to be confused with
a simple chroot environment) along with various resource limiting
parameters. You can lock down a 'sandboxed' i.e. jailed environment for
arbitrary data and processes, including python, pretty tightly.

-Kurt-

On Sat, May 30, 2015 at 5:52 PM, Steven D'Aprano <steve at pearwood.info>
wrote:

> On Sat, 30 May 2015 09:24 pm, Laura Creighton wrote:
>
> > In a message of Sat, 30 May 2015 19:00:14 +1000, "Steven D'Aprano"
> > writes:
> >>I wouldn't have imagined that the claim "it's easier to secure a small
> >>language with a few features than a big language with lots of features"
> >>would have been so controversial. I wonder if this claim will be equally
> >>as controversial?
> >>
> >>There is a rough correlation between the number of lines of code in a code
> >>base, and the number of potential security holes that need to be guarded
> >>against.
> >
> > Maybe these aren't controversial if you are doing language level
> > sandboxing, but you don't have to sandbox like that.  Consider, for a
> > moment, the sandboxing technique used by PyPy
> > discussed at
> >
> > http://pypy.readthedocs.org/en/latest/sandbox.html
> >
> > You think it is way cool, but, alas, you want to sandbox some other
> > language than Python.
>
> How many PyPy sandboxes are being used with hostile users motivated to break
> out of the sandbox?
>
> "I wrote a sandbox which I can't break out of" is different from "I wrote a
> sandbox which nobody can break out of". Javascript is sandboxed, but due to
> bugs in implementations, Javascript-based exploits are now heavily used by
> malware. There are possibly even more Javascript-based exploits than buffer
> overflow based exploits these days, as C programmers get better at using
> automated tools that check for buffer overflows.
>
>
>
> --
> Steven