vinjvinj wrote: > While I understand 2 is very hard (if not impossible) to do in single > unix process. I'm not sure why 1 would be hard to do. Since I have > complete control to what code I can allow or not allow on my grid. Can > i not just search for certain strings and disallow the model if it > fails certain conditions. It might not be 100% secure but will it not > get me at 90%...
You might be able to think of and disallow the most obvious security holes, but how confident are you that you will think of the bad code that your users will think of? Are you concerned about malicious users, or just incompetent users? I suspect your best bet might be to write a mini-language using Python, and get your users to use that. You will take a small performance hit, but security will be very much improved. What do others think? -- Steven. -- http://mail.python.org/mailman/listinfo/python-list
