Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python.announce > #555
| Path | csiph.com!newsfeed.hal-mli.net!feeder3.hal-mli.net!newsfeed.hal-mli.net!feeder1.hal-mli.net!news.tele.dk!feed118.news.tele.dk!news.tele.dk!small.news.tele.dk!newsgate.cistron.nl!newsgate.news.xs4all.nl!194.109.133.85.MISMATCH!newsfeed.xs4all.nl!newsfeed6.news.xs4all.nl!xs4all!post.news.xs4all.nl!not-for-mail |
|---|---|
| Return-Path | <victor.stinner@gmail.com> |
| X-Original-To | python-announce-list@python.org |
| Delivered-To | python-announce-list@mail.python.org |
| X-Spam-Status | OK 0.000 |
| X-Spam-Evidence | '*H*': 1.00; '*S*': 0.00; 'guido': 0.03; 'irc': 0.03; 'subject:released': 0.03; 'cpython': 0.05; 'sys': 0.05; 'url:pypi': 0.08; 'python': 0.08; 'builtin': 0.09; 'dict': 0.09; 'executed': 0.09; 'subprocess': 0.09; 'url:github': 0.09; 'url:peps': 0.09; 'configure': 0.10; 'yet.': 0.15; '(read': 0.16; '(write': 0.16; '__builtins__': 0.16; 'changelog': 0.16; 'expression.': 0.16; 'module).': 0.16; 'namespace,': 0.16; 'rossum': 0.16; 'timeout': 0.16; 'timeout.': 0.16; 'workaround': 0.16; 'sfxlen:2': 0.19; 'memory': 0.21; 'cc:no real name:2**0': 0.21; 'file,': 0.21; "doesn't": 0.22; 'default,': 0.23; 'helper': 0.23; 'modification': 0.23; 'pep': 0.23; 'url:dev': 0.23; 'fix': 0.25; 'modify': 0.25; 'cc:2**0': 0.26; 'module': 0.26; 'code': 0.26; 'function': 0.27; 'import': 0.27; 'random': 0.28; 'bugs': 0.28; 'message-id:@mail.gmail.com': 0.29; 'example': 0.29; 'print': 0.29; 'cc:addr:python.org': 0.29; 'url:wiki': 0.29; 'environment': 0.30; 'unable': 0.30; 'disabled': 0.30; 'math,': 0.30; 'modules,': 0.30; 'received:209.85.210.46': 0.30; 'received :mail-pz0-f46.google.com': 0.30; 'van': 0.30; 'changes': 0.30; '(e.g.': 0.31; 'file.': 0.31; 'proposed': 0.32; 'does': 0.32; 'modules': 0.32; 'implement': 0.32; 'it.': 0.33; 'deny': 0.34; 'url:python': 0.35; 'to:addr:python-announce-list': 0.37; 'run': 0.37; 'but': 0.37; 'received:google.com': 0.37; 'not,': 0.38; 'received:209.85': 0.38; 'uses': 0.38; 'intensive': 0.38; 'accepted': 0.38; 'e.g.': 0.39; 'url:org': 0.39; 'received:209': 0.39; 'cannot': 0.39; 'to:addr:python.org': 0.40; 'more': 0.61; 'choose': 0.64; 'limit': 0.67; 'evaluate': 0.71; 'protect': 0.79; 'limitations.': 0.84; 'victor': 0.91 |
| DKIM-Signature | v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:cc:content-type; bh=ExlKUneaAzeCZyiUXbr3kqrBAkYByCmd/iFVDBDt/SM=; b=yIplg7my4tUf3WxBzrru55gQOzf38sea2elNWBXsfqjtmfb+T/aovVkUoxzAZlQPPV l9n9Ok4Q6XXh9ITJfz3dWOPgHx//v8wTQMrTZAMgNuvZvqRBMRpeG3Pj72FSt2YhHy7d McczUnZY9cyu7hJ7GDEVUy7EiG2RiF/v/Z4SDAVno8Enpn0gBuK3LZzoAVprSV+cmJiC 9O+tocOcHFT6cix9bbsVf+F1OuuNCgddYte4pVRX4/z6kR9uMKCEGHKTu0SnHWpFeHXs 8bp6VhvOR5YC1RvAMmU/QQXF9W9TqU/Ht8ngFt/7SLo2Ru0YWGWXSMPQOWJbdvWR2T6n mOkA== |
| MIME-Version | 1.0 |
| Date | Tue, 20 Mar 2012 13:32:43 +0100 |
| Subject | pysandbox 1.5 released |
| From | Victor Stinner <victor.stinner@gmail.com> |
| To | python-announce-list@python.org |
| Content-Type | text/plain; charset=UTF-8 |
| X-Mailman-Approved-At | Tue, 20 Mar 2012 15:11:32 +0100 |
| Cc | python-dev@python.org |
| X-BeenThere | python-announce-list@python.org |
| X-Mailman-Version | 2.1.12 |
| Precedence | list |
| Reply-To | python-list@python.org |
| List-Id | Announcement-only list for the Python programming language <python-announce-list.python.org> |
| List-Unsubscribe | <http://mail.python.org/mailman/options/python-announce-list>, <mailto:python-announce-list-request@python.org?subject=unsubscribe> |
| List-Archive | <http://mail.python.org/pipermail/python-announce-list> |
| List-Post | <mailto:python-announce-list@python.org> |
| List-Help | <mailto:python-announce-list-request@python.org?subject=help> |
| List-Subscribe | <http://mail.python.org/mailman/listinfo/python-announce-list>, <mailto:python-announce-list-request@python.org?subject=subscribe> |
| Approved | python-announce-list@python.org |
| Newsgroups | comp.lang.python.announce |
| Message-ID | <mailman.829.1332252693.3037.python-announce-list@python.org> (permalink) |
| Lines | 44 |
| NNTP-Posting-Host | 2001:888:2000:d::a6 |
| X-Trace | 1332252693 news.xs4all.nl 6855 [2001:888:2000:d::a6]:55432 |
| X-Complaints-To | abuse@xs4all.nl |
| Xref | csiph.com comp.lang.python.announce:555 |
Show key headers only | View raw
pysandbox is a Python sandbox. By default, untrusted code executed in the sandbox cannot modify the environment (write a file, use print or import a module). But you can configure the sandbox to choose exactly which features are allowed or not, e.g. import sys module and read /etc/issue file. http://pypi.python.org/pypi/pysandbox https://github.com/haypo/pysandbox/ Main changes since pysandbox 1.0.3: - More modules and functions are allowed: math, random and time modules, and the compile() builtin function for example - Drop the timeout feature: it was not effective on CPU intensive functions implemented in C - (Read the ChangeLog to see all changes.) pysandbox has known limitations: - it is unable to limit memory or CPU - it does not protect against bugs (e.g. crash) or vulnerabilities in CPython - dict methods able to modify a dict (e.g. dict.update) are disabled to protect the sandbox namespace, but dict[key]=value is still accepted It is recommanded to run untrusted code in a subprocess to workaround these limitations. pysandbox doesn't provide an helper yet. pysandbox is used by an IRC bot (fschfsch) to evaluate a Python expression. The bot uses fork() and setrlimit() to limit memory and to implement a timeout. https://github.com/haypo/pysandbox/wiki/fschfsch -- The limitation on dict methods is required to deny the modification of the __builtins__ dictionary. I proposed the PEP 416 (frozendict) but Guido van Rossum is going to reject it. I don't see how to fix this limitation without modifying CPython. http://www.python.org/dev/peps/pep-0416/ Victor
Back to comp.lang.python.announce | Previous | Next | Find similar | Unroll thread
pysandbox 1.5 released Victor Stinner <victor.stinner@gmail.com> - 2012-03-20 13:32 +0100
csiph-web