Paul Rubin http://[EMAIL PROTECTED] writes on 08 Jan 2005 14:56:43 -0800:
Dieter Maurer [EMAIL PROTECTED] writes:
It uses a specialized compiler that prevents dangerous bytecode operations
to be generated and enforces a restricted builtin environment.
Does it stop the user from
Doug Holton [EMAIL PROTECTED] writes on Thu, 06 Jan 2005 20:34:31 -0600:
...
Hi, there is a page on this topic here:
http://www.python.org/moin/SandboxedPython
The short answer is that it is not possible to do this with the
CPython, but you can run sandboxed code on other virtual machines,
Dieter Maurer [EMAIL PROTECTED] writes:
It uses a specialized compiler that prevents dangerous bytecode operations
to be generated and enforces a restricted builtin environment.
Does it stop the user from generating his own bytecode strings and
demarshalling them?
--
Paul Rubin schrieb:
Best solution would probably be to create
a thread for each request that can operate only with the id of an
authenticated user. But this seems to be a problem with Apache or
with Linux?
Threads wouldn't do it--you'd need separate processes. For example,
multiple threads in
Craig Ringer schrieb:
That is my understanding. In fact, I'd say with Python it's nearly
impossible given how dynamic everything is and the number of tricks that
can be used to obfuscate what you're doing. Think of the fun that can be
had with str.encode / str.decode and getattr/hasattr .
It would
Jp Calderone [EMAIL PROTECTED] writes:
A Python sandbox would be useful, but the hosting provider's excuse
for not allowing you to use mod_python is completely bogus. All the
necessary security tools for that situation are provided by the
platform in the form of process and user
Jp Calderone wrote:
[...]
A Python sandbox would be useful, but the hosting provider's excuse
for not allowing you to use mod_python is completely bogus. All the
necessary security tools for that situation are provided by the
platform in the form of process and user separation.
Not sure this
On 06 Jan 2005 07:32:25 -0800, Paul Rubin http://phr.cx@nospam.invalid
wrote:
Jp Calderone [EMAIL PROTECTED] writes:
A Python sandbox would be useful, but the hosting provider's excuse
for not allowing you to use mod_python is completely bogus. All the
necessary security tools for that
On Thu, Jan 06, 2005 at 07:32:25AM -0800, Paul Rubin wrote:
Jp Calderone [EMAIL PROTECTED] writes:
A Python sandbox would be useful, but the hosting provider's excuse
for not allowing you to use mod_python is completely bogus. All the
necessary security tools for that situation are
On Thu, 6 Jan 2005 16:53:23 +0100, Gerhard Haering [EMAIL PROTECTED] wrote:
--rwEMma7ioTxnRzrJ
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Thu, Jan 06, 2005 at 07:32:25AM -0800, Paul Rubin wrote:
Jp Calderone [EMAIL
Jp Calderone schrieb:
But mod_python is an apache module and runs in the same apache process
with other users' scripts.
I am uncertain as to how this differs from mod_php (the alternative
discussed in the OP's story). I've been away from PHP for a while, so
perhaps mod_php has gained some
Peter Maas [EMAIL PROTECTED] writes:
I think PHP has a safe mode which solves the probem of isolating
scripts of different users on application level. This is not optimal
but better than nothing. Best solution would probably be to create
a thread for each request that can operate only with the
Gerhard Haering [EMAIL PROTECTED] writes:
But mod_python is an apache module and runs in the same apache process
with other users' scripts.
Which is why it's a good idea for each customer to have it's own
system user and their virtual hosts running under this uid. Which
was the idea for
Rolf Magnus wrote:
I would like to embed a python interpreter within a program, but since
that program would be able to automatically download scripts from the
internet, I'd like to run those in a restricted environment, which
basically means that I want to allow only a specific set of
Rolf Magnus wrote:
Hi,
I would like to embed a python interpreter within a program, but since that
program would be able to automatically download scripts from the internet,
I'd like to run those in a restricted environment, which basically means
that I want to allow only a specific set of modules
On Thu, 2005-01-06 at 23:05, Peter Maas wrote:
Craig Ringer schrieb:
It would certainly be difficult to track all harmful code constructs.
But AFAIK the idea of a sandbox is not to look at the offending code
but to protect the offended objects: files, databases, URLs, sockets
etc. and to
On Thu, 2005-01-06 at 23:40, Steve Holden wrote:
Jp Calderone wrote:
[...]
A Python sandbox would be useful, but the hosting provider's excuse
for not allowing you to use mod_python is completely bogus. All the
necessary security tools for that situation are provided by the
Fredrick Lundh (at www.effbot.org ) was working on a 'cut down python'
that only implements the bits of python he likes !! It would be great
if the core of that interpreter could be used as a 'restricted
interpreter'.
If you could externally disable os, sys, os.path modules etc and limit
the set
Check out
http://mail.python.org/pipermail/python-dev/2003-January/031851.html
for a historical thread on rexec.py's vulnerabilities.
Right now, the answer for people who want restricted execution is
usually wait for pypy, due to the number of tricks that can subvert
the rexec model. There
Rolf Magnus wrote:
Hi,
I would like to embed a python interpreter within a program, but since that
program would be able to automatically download scripts from the internet,
I'd like to run those in a restricted environment, which basically means
that I want to allow only a specific set of modules
On Wed, 2005-01-05 at 13:43, Maurice LING wrote:
Rolf Magnus wrote:
Hi,
I would like to embed a python interpreter within a program, but since that
program would be able to automatically download scripts from the internet,
I'd like to run those in a restricted environment, which
Maurice LING [EMAIL PROTECTED] writes:
I won't really count on that. In my opinions, which may be wrong,
Python is not constructed to work in a sandbox like Java. Java does it
by subjecting all classes that it loads through a security
manager. What you seems to want is a Python to have Java
22 matches
Mail list logo