Date: Tue, 20 Mar 2012 13:32:43 +0100
Subject: pysandbox 1.5 released
From: Victor Stinner
To: python-announce-list@python.org
Cc: python-dev@python.org
Reply-To: python-list@python.org
Newsgroups: comp.lang.python.announce

pysandbox is a Python sandbox. By default, untrusted code executed in
the sandbox cannot modify the environment (write a file, use print or
import a module). But you can configure the sandbox to choose exactly
which features are allowed or not, e.g. import the sys module and read
the /etc/issue file.

http://pypi.python.org/pypi/pysandbox
https://github.com/haypo/pysandbox/

Main changes since pysandbox 1.0.3:

 - More modules and functions are allowed: math, random and time
   modules, and the compile() builtin function for example
 - Drop the timeout feature: it was not effective on CPU intensive
   functions implemented in C
 - (Read the ChangeLog to see all changes.)

pysandbox has known limitations:

 - it is unable to limit memory or CPU
 - it does not protect against bugs (e.g. crash) or vulnerabilities in
   CPython
 - dict methods able to modify a dict (e.g. dict.update) are disabled
   to protect the sandbox namespace, but dict[key]=value is still
   accepted

It is recommended to run untrusted code in a subprocess to work around
these limitations. pysandbox doesn't provide a helper yet. pysandbox
is used by an IRC bot (fschfsch) to evaluate a Python expression. The
bot uses fork() and setrlimit() to limit memory and to implement a
timeout.

https://github.com/haypo/pysandbox/wiki/fschfsch

--

The limitation on dict methods is required to deny the modification of
the __builtins__ dictionary. I proposed the PEP 416 (frozendict) but
Guido van Rossum is going to reject it. I don't see how to fix this
limitation without modifying CPython.

http://www.python.org/dev/peps/pep-0416/

Victor
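
Added example, not part of the original announcement and not pysandbox or fschfsch code: one way to follow the subprocess advice above on a POSIX system, with setrlimit() applied in the child for memory and CPU and a wall-clock timeout enforced by the parent. The names run_limited and _limits and the limit values are assumptions; the child runs plain Python here because the pysandbox API is not shown in this message.

```python
import resource
import signal
import subprocess
import sys

MIB = 1024 * 1024

def _limits(mem_bytes, cpu_seconds):
    """Build a preexec_fn: it runs in the child after fork(), before exec()."""
    def apply():
        # Cap the address space so a huge allocation fails with MemoryError.
        resource.setrlimit(resource.RLIMIT_AS, (mem_bytes, mem_bytes))
        # Soft limit delivers SIGXCPU; the hard limit one second later is SIGKILL.
        resource.setrlimit(resource.RLIMIT_CPU, (cpu_seconds, cpu_seconds + 1))
        # No core dumps from a crashing interpreter.
        resource.setrlimit(resource.RLIMIT_CORE, (0, 0))
    return apply

def run_limited(source, mem_bytes=512 * MIB, cpu_seconds=2, wall_seconds=5):
    """Run `source` in a child interpreter; return (status, stdout, stderr).

    status is "ok", "error" (non-zero exit), "timeout" (wall clock), or the
    name of the signal that ended the child, e.g. "SIGXCPU".
    """
    # -I: isolated mode (ignores PYTHON* variables and user site); -S: no site.
    cmd = [sys.executable, "-I", "-S", "-c", source]
    try:
        proc = subprocess.run(
            cmd, stdin=subprocess.DEVNULL, capture_output=True, text=True,
            timeout=wall_seconds, preexec_fn=_limits(mem_bytes, cpu_seconds),
        )
    except subprocess.TimeoutExpired:
        # subprocess.run() has already killed and reaped the child here.
        return "timeout", "", ""
    if proc.returncode < 0:
        return signal.Signals(-proc.returncode).name, proc.stdout, proc.stderr
    return ("ok" if proc.returncode == 0 else "error"), proc.stdout, proc.stderr

if __name__ == "__main__":
    # Constructed inputs: one benign expression and three resource abuses.
    samples = {
        "benign": "print(6 * 7)",
        "memory": "x = bytearray(4 * 1024 ** 3)",
        "cpu": "while True: pass",
        "sleep": "import time; time.sleep(60)",
    }
    for name, src in samples.items():
        print(name, run_limited(src, cpu_seconds=1, wall_seconds=3)[0])
```

RLIMIT_CPU is enforced by the kernel and the wall-clock kill by the parent process, so both also stop CPU-intensive functions implemented in C, the case where the in-process timeout dropped in 1.5 was not effective.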