[Python-checkins] r55661 - python/branches/bcannon-objcap/securing_python.txt
brett.cannon
python-checkins at python.org
Wed May 30 00:42:42 CEST 2007
Author: brett.cannon
Date: Wed May 30 00:42:36 2007
New Revision: 55661
Modified:
python/branches/bcannon-objcap/securing_python.txt
Log:
Update with current progress.
Modified: python/branches/bcannon-objcap/securing_python.txt
==============================================================================
--- python/branches/bcannon-objcap/securing_python.txt (original)
+++ python/branches/bcannon-objcap/securing_python.txt Wed May 30 00:42:36 2007
@@ -20,12 +20,12 @@
- frame
* do not allow importing 'sys' module to get to
sys._getframe(), sys._current_frames(), or setting a trace
- or profile function. <critical>
+ or profile function. [done]
- object() [done]
* Remove object.__subclasses__ (`Mutable Shared State`_) [done]
+ Sandboxed versions of built-ins (`Sanitizing Built-In Types`_)
- open()
- - __import__() / PEP 302 importer (`Imports`_) <critical>
+ - __import__() / PEP 302 importer (`Imports`_) [done]
* Make sure importing built-in modules can be blocked.
* Make sure that no abilities are exposed by importers since
they will be accessible from inheritance through sys data
@@ -51,8 +51,8 @@
* Just promote removal
- exit()
* Have SystemExit exit the process only if no other
- interpreters are running. [done]
-+ Filesystem path hiding (`Filesystem Information`_) <critical?>
+ interpreters are running.
++ Filesystem path hiding (`Filesystem Information`_)
+ Tweaked stdlib modules
- mini 'sys' module (`Making the ``sys`` Module Safe`_)
- genericpath module (for os.path when C modules blocked)
More information about the Python-checkins
mailing list