On 7 Mai, 14:01, Duncan Booth <[EMAIL PROTECTED]> wrote: > Paul Miller <[EMAIL PROTECTED]> wrote: > > Bastion and rexec have been deprecated since Python 2.2, so it seems > > we (the Python community) have gotten along well enough without them. > > Have these modules not been reimplemented because: > > > a) There are no valid use cases for them. > > b) Doing so would be difficult and prone to breakage as new features > > are introduced into the language. > > c) Nobody has any idea how to do it. > > d) Nobody cares. > > e) Guido thinks it's a bad idea. > > > or, some combination of these? > > I think it is mostly 'b' plus partly nobody cares sufficiently to put the > time, money and effort behind it.
I'd agree with this, adding that (c) is increasingly starting to apply to CPython as new features make any potential sandboxing strategy less coherent. Brett Cannon appears to be tackling this situation head-on, however. > The recent release of Silverlight means that there is now a way to run > Python in a secure sandbox. Also possible with Jython for a long time, I believe. Meanwhile, others (including non-Python developers) have turned to other kinds of solutions including virtualisation at different levels. See this page for more discussion: http://wiki.python.org/moin/SandboxedPython I've experimented somewhat with a chroot-based solution, although I'm reluctant to make it available because of an uncertainty as to whether it really offers proper "jailing" of the executed code, along with concerns that people may consider it secure without doing their own homework on the matter. Ideally, I'd want to trim the Python interpreter right down to the very basic virtual machine (without I/O) and then build the different extensions back on in a security-oriented framework, but I guess this is what Mr Cannon has in mind. Paul -- http://mail.python.org/mailman/listinfo/python-list
