Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #8163

Re: Security test of embedded Python

From Paul Rubin <no.email@nospam.invalid>
Newsgroups comp.lang.python
Subject Re: Security test of embedded Python
References <mailman.258.1308703797.1164.python-list@python.org>
Date 2011-06-21 19:02 -0700
Message-ID <7xhb7i7hes.fsf@ruckus.brouhaha.com> (permalink)
Organization Nightsong/Fort GNOX

Show all headers | View raw

Chris Angelico <rosuav@gmail.com> writes:
> users to supply scripts which will then run on our servers...
> The environment is Python 3.3a0 embedded in C++, running on Linux.

This doesn't sound like a bright idea, given the well-known difficulty
of sandboxing Python.

Geordi <http://weegen.home.xs4all.nl/eelis/geordi/> has some interesting
examples (C++) you might want to try translating to Python and running
on your server.  It uses ptrace to control the execution of potentially
hostile code.  I don't know if any exploits have been found or whether
it's still active.

Maybe you want to look at Lua.  IMHO it's not a very nice language, but
I've heard that it's easy to embed and sandbox.

Back to comp.lang.python | Previous | NextPrevious in thread | Next in thread | Find similar | Unroll thread

Thread

Security test of embedded Python Chris Angelico <rosuav@gmail.com> - 2011-06-22 10:49 +1000
  Re: Security test of embedded Python Paul Rubin <no.email@nospam.invalid> - 2011-06-21 19:02 -0700
    Re: Security test of embedded Python Chris Angelico <rosuav@gmail.com> - 2011-06-22 12:35 +1000
      Re: Security test of embedded Python Paul Rubin <no.email@nospam.invalid> - 2011-06-21 19:40 -0700
        Re: Security test of embedded Python Benjamin Kaplan <benjamin.kaplan@case.edu> - 2011-06-21 20:09 -0700
        Re: Security test of embedded Python Chris Angelico <rosuav@gmail.com> - 2011-06-22 13:26 +1000
          Re: Security test of embedded Python Paul Rubin <no.email@nospam.invalid> - 2011-06-21 20:42 -0700
            Re: Security test of embedded Python Dennis <daodennis@gmail.com> - 2011-06-21 22:37 -0700
    Re: Security test of embedded Python Chris Angelico <rosuav@gmail.com> - 2011-06-22 12:44 +1000
      Re: Security test of embedded Python Irmen de Jong <irmen.NOSPAM@xs4all.nl> - 2011-06-22 19:33 +0200

csiph-web