On Sat, 14 Aug 2010 12:56:45 -0700, Stephen Hansen wrote: >> I suggest that if the untrusted code is only supposed to be simple and >> limited, you would be best off to write your own "mini-language" using >> Python syntax. > > I considered it and rejected it. The return from the effort required > doesn't even vaguely come close to making it worth it.
I suppose that depends on how simple the untrusted code will be, but I guess you're in the best position to make that call. > My worst case > fall-back plan is to embed /another/ language (be it Lua or JavaScript > through V8) and offer it a very limited environment. But I don't want to > do that (and considering I solved the while True: pass problem last > night, I'm pretty sure I won't decide to). I assume you mean you've solved the problem of DOS attacks from users running infinite loops. How did you do that? -- Steven -- http://mail.python.org/mailman/listinfo/python-list
