[Python-checkins] r52010 - in python/branches/bcannon-objcap: Lib/test/test_interpreter.py securing_python.txt

brett.cannon python-checkins at python.org
Tue Sep 26 22:52:32 CEST 2006 

Author: brett.cannon
Date: Tue Sep 26 22:52:32 2006
New Revision: 52010

Modified:
   python/branches/bcannon-objcap/Lib/test/test_interpreter.py
   python/branches/bcannon-objcap/securing_python.txt
Log:
Verified that exit() does not cause the entire process to exit.


Modified: python/branches/bcannon-objcap/Lib/test/test_interpreter.py
==============================================================================
--- python/branches/bcannon-objcap/Lib/test/test_interpreter.py	(original)
+++ python/branches/bcannon-objcap/Lib/test/test_interpreter.py	Tue Sep 26 22:52:32 2006
@@ -1,4 +1,4 @@
-""" Things to protect (and thus test) against:
+""" Things to protect (and thus test) against:
 * Importing
     + built-ins
     + .pyc/.pyo
@@ -270,6 +270,8 @@
         self.failUnlessRaises(RuntimeError, self.interp.execute,
                                 "raise SystemExit")
         self.failUnless(self.interp.exc_matches(SystemExit))
+        self.failUnlessRaises(RuntimeError, self.interp.execute, "exit()")
+        self.failUnless(self.interp.exc_matches(SystemExit))
         
 
 def test_main():

Modified: python/branches/bcannon-objcap/securing_python.txt
==============================================================================
--- python/branches/bcannon-objcap/securing_python.txt	(original)
+++ python/branches/bcannon-objcap/securing_python.txt	Tue Sep 26 22:52:32 2006
@@ -20,7 +20,7 @@
     - frame
         * do not allow importing 'sys' module to get to
           sys._getframe(), sys._current_frames(), or setting a trace
-          or profile function.
+          or profile function. <critical>
     - object() [done]
         * Remove object.__subclasses__ (`Mutable Shared State`_) [done]
 + Sandboxed versions of built-ins (`Sanitizing Built-In Types`_)
@@ -34,8 +34,7 @@
         * Just promote removal
     - exit()
         * Have SystemExit exit the process only if no other
-          interpreters are running. <critical> [done]
-        * XXX Safe?
+          interpreters are running. [done]
 + Filesystem path hiding (`Filesystem Information`_) <critical?>
 + Tweaked stdlib modules
     - mini 'sys' module (`Making the ``sys`` Module Safe`_)

More information about the Python-checkins mailing list