On Wed, Jan 26, 2005 at 10:39:18AM -0800, aurora wrote: > >On Wed, Jan 26, 2005 at 05:18:59PM +0100, Alexander Schremmer wrote: > >>On Tue, 25 Jan 2005 22:08:01 +0100, I wrote: > >> > >>>>>> sys.safecall(func, maxcycles=1000) > >>> could enter the safe mode and call the func. > >> > >>This might be even enhanced like this: > >> > >>>>> import sys > >>>>> sys.safecall(func, maxcycles=1000, > >> allowed_domains=['file-IO', 'net-IO', 'devices', > >>'gui'], > >> allowed_modules=['_sre']) > >> > >>Any comments about this from someone who already hacked CPython? > > > >Yes, this comes up every couple months and there is only one answer: > >This is the job of the OS. > >Java largely succeeds at doing sandboxy things because it was written > >that > >way from the ground up (to behave both like a program interpreter and an > >OS). > >Python the language was not, and the CPython interpreter definitely was > >not. > > > >Search groups.google.com for previous discussions of this on c.l.py > > > It is really necessary to build a VM from the ground up that includes OS > ability? What about JavaScript? >
See the past threads I reccomend in another just-posted reply. Common browser implementations of Javascript have almost no features, can't import C-based libraries, and can easilly enter endless loops or eat all available memory. You could make a fork of python that matches that feature set, but I don't know why you would want to. -Jack -- http://mail.python.org/mailman/listinfo/python-list