Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #91526

Re: Creating a reliable sandboxed Python environment

From Laura Creighton <lac@openend.se>
Subject Re: Creating a reliable sandboxed Python environment
References (5 earlier) <87h9qvxmh0.fsf@jester.gateway.sonic.net> <mailman.210.1432939749.5151.python-list@python.org> <878uc6yhtq.fsf@jester.gateway.sonic.net> <mailman.213.1432953735.5151.python-list@python.org> <874mmuy8ko.fsf@jester.gateway.sonic.net><55697c1f$0$13013$c3e8da3$5496439d@news.astraweb.com>
Date 2015-05-30 13:24 +0200
Newsgroups comp.lang.python
Message-ID <mailman.223.1432985122.5151.python-list@python.org> (permalink)

Show all headers | View raw

In a message of Sat, 30 May 2015 19:00:14 +1000, "Steven D'Aprano" writes:
>I wouldn't have imagined that the claim "it's easier to secure a small
>language with a few features than a big language with lots of features"
>would have been so controversial. I wonder if this claim will be equally as
>controversial?
>
>There is a rough correlation between the number of lines of code in a code
>base, and the number of potential security holes that need to be guarded
>against.

Maybe these aren't controversial if you are doing langauge level
sandboxing, but you don't have to sandbox like that.  Consider, for a
moment, the sandboxing technique used by PyPy
discussed at

http://pypy.readthedocs.org/en/latest/sandbox.html

You think it is way cool, but, alas, you want to sandbox some other
language than Python.

What do you do?  You write an interpreter for this language in
RPython.  Clearly, writing such a thing will be a lot easier for 'the
toy language that does hardly anything I invented this morning' as
opposed to 'javascript that is expected to operate in the real world'
but this has nothing to do with the security aspects of the two
langauges.  You'd have the exact same problem of difficulty even if
you never intend to sandbox the thing at all.   The sandboxing
aspects will happen, automatically, as soon as you have a
written a working interpreter.  The layer that provides the security
doesn't care about your target language, just as long as it is written in
RPython.

As a point of fact, We've _already got_ Topaz, a Ruby interpreter,
Hippy, a PHP interpreter, a Prolog interpreter, a Smalltalk
interpeter, and a javascript interpreter.  Recently we got Pyket a
Racket compiler.  There also exist plenty of experimental languages
written by academic langauge designers, and other crazy people who
like such things.  But don't ask the PyPy project about hard is it to
sandbox one versus the other.  From our point of view, they all cost
the same -- free, as in _already done for you_, same as you get a JIT
for free, and pluggable garbage collectors for free, etc. etc.

If you find this stuff interesting, come check it out.

Laura

Back to comp.lang.python | Previous | NextPrevious in thread | Next in thread | Find similar | Unroll thread

Thread

Creating a reliable sandboxed Python environment davidfstr@gmail.com - 2015-05-25 19:24 -0700
  Re: Creating a reliable sandboxed Python environment Chris Angelico <rosuav@gmail.com> - 2015-05-26 12:44 +1000
  Re: Creating a reliable sandboxed Python environment Paul Rubin <no.email@nospam.invalid> - 2015-05-25 23:17 -0700
  Re: Creating a reliable sandboxed Python environment Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2015-05-26 17:10 +1000
    Re: Creating a reliable sandboxed Python environment Laura Creighton <lac@openend.se> - 2015-05-26 09:53 +0200
    Re: Creating a reliable sandboxed Python environment Laura Creighton <lac@openend.se> - 2015-05-26 10:02 +0200
  Re: Creating a reliable sandboxed Python environment Ned Batchelder <ned@nedbatchelder.com> - 2015-05-26 03:21 -0700
  Re: Creating a reliable sandboxed Python environment marco.nawijn@colosso.nl - 2015-05-26 05:01 -0700
  Re: Creating a reliable sandboxed Python environment davidfstr@gmail.com - 2015-05-28 09:34 -0700
    Re: Creating a reliable sandboxed Python environment Paul Rubin <no.email@nospam.invalid> - 2015-05-30 20:13 -0700
  Re: Creating a reliable sandboxed Python environment Stefan Behnel <stefan_ml@behnel.de> - 2015-05-28 20:41 +0200
  Re: Creating a reliable sandboxed Python environment Chris Angelico <rosuav@gmail.com> - 2015-05-29 04:51 +1000
    Re: Creating a reliable sandboxed Python environment Paul Rubin <no.email@nospam.invalid> - 2015-05-29 11:30 -0700
      Re: Creating a reliable sandboxed Python environment Marko Rauhamaa <marko@pacujo.net> - 2015-05-29 22:12 +0300
        Re: Creating a reliable sandboxed Python environment Paul Rubin <no.email@nospam.invalid> - 2015-05-29 13:15 -0700
  Re: Creating a reliable sandboxed Python environment Stefan Behnel <stefan_ml@behnel.de> - 2015-05-29 08:18 +0200
  Re: Creating a reliable sandboxed Python environment Chris Angelico <rosuav@gmail.com> - 2015-05-29 17:41 +1000
    Re: Creating a reliable sandboxed Python environment Paul Rubin <no.email@nospam.invalid> - 2015-05-29 11:33 -0700
      Re: Creating a reliable sandboxed Python environment Chris Angelico <rosuav@gmail.com> - 2015-05-30 08:49 +1000
        Re: Creating a reliable sandboxed Python environment Paul Rubin <no.email@nospam.invalid> - 2015-05-29 18:28 -0700
          Re: Creating a reliable sandboxed Python environment Chris Angelico <rosuav@gmail.com> - 2015-05-30 12:42 +1000
            Re: Creating a reliable sandboxed Python environment Paul Rubin <no.email@nospam.invalid> - 2015-05-29 21:48 -0700
              Re: Creating a reliable sandboxed Python environment Steven D'Aprano <steve@pearwood.info> - 2015-05-30 19:00 +1000
                Re: Creating a reliable sandboxed Python environment Laura Creighton <lac@openend.se> - 2015-05-30 13:24 +0200
                Re: Creating a reliable sandboxed Python environment Steven D'Aprano <steve@pearwood.info> - 2015-05-31 09:52 +1000
                Re: Creating a reliable sandboxed Python environment Modulok <modulok@gmail.com> - 2015-05-30 19:08 -0600
                Re: Creating a reliable sandboxed Python environment Laura Creighton <lac@openend.se> - 2015-05-31 08:14 +0200
                Re: Creating a reliable sandboxed Python environment Stefan Behnel <stefan_ml@behnel.de> - 2015-05-30 20:42 +0200
                Re: Creating a reliable sandboxed Python environment Paul Rubin <no.email@nospam.invalid> - 2015-05-30 13:00 -0700
                Re: Creating a reliable sandboxed Python environment Chris Angelico <rosuav@gmail.com> - 2015-05-31 08:20 +1000
                Re: Creating a reliable sandboxed Python environment Paul Rubin <no.email@nospam.invalid> - 2015-05-30 15:36 -0700
                Re: Creating a reliable sandboxed Python environment Laura Creighton <lac@openend.se> - 2015-05-30 22:54 +0200
        Re: Creating a reliable sandboxed Python environment BartC <bc@freeuk.com> - 2015-05-30 13:06 +0100
          Re: Creating a reliable sandboxed Python environment Chris Angelico <rosuav@gmail.com> - 2015-05-30 22:37 +1000
  Re: Creating a reliable sandboxed Python environment Stefan Behnel <stefan_ml@behnel.de> - 2015-05-29 11:23 +0200
  Re: Creating a reliable sandboxed Python environment Chris Angelico <rosuav@gmail.com> - 2015-05-29 19:38 +1000
  Re: Creating a reliable sandboxed Python environment Laura Creighton <lac@openend.se> - 2015-05-29 11:56 +0200

csiph-web