Path: csiph.com!x330-a1.tempe.blueboxinc.net!usenet.pasdenom.info!selfless.tophat.at!newsfeed.xs4all.nl!newsfeed6.news.xs4all.nl!xs4all!post.news.xs4all.nl!not-for-mail
Return-Path: <bsk16@case.edu>
X-Original-To: python-list@python.org
Delivered-To: python-list@mail.python.org
X-Spam-Status: OK 0.010
X-Spam-Evidence: '*H*': 0.98; '*S*': 0.00; 'subject:test': 0.05; 'subject:Python': 0.06; 'python': 0.08; '21,': 0.09; 'pm,': 0.10; 'wrote:': 0.14; 'angelico': 0.16; 'obvious.': 0.16; 'subject:embedded': 0.16; '\xa0maybe': 0.16; 'tue,': 0.17; 'language': 0.18; 'writes:': 0.19; 'header:In-Reply-To:1': 0.21; 'message-id:@mail.gmail.com': 0.28; 'paul': 0.28; 'community': 0.32; 'to:addr:python-list': 0.33; 'actually': 0.33; "i'll": 0.34; 'chris': 0.34; 'widespread': 0.35; 'several': 0.36; 'received:google.com': 0.37; 'received:74.125': 0.38; 'smaller': 0.38; 'subject:: ': 0.38; 'should': 0.39; 'to:addr:python.org': 0.39; 'your': 0.60; 'pyjamas': 0.84; 'holes': 0.91; 'subject:Security': 0.97
MIME-Version: 1.0
In-Reply-To: <7xei2my4fd.fsf@ruckus.brouhaha.com>
References: <mailman.258.1308703797.1164.python-list@python.org> <7xhb7i7hes.fsf@ruckus.brouhaha.com> <mailman.262.1308710118.1164.python-list@python.org> <7xei2my4fd.fsf@ruckus.brouhaha.com>
Date: Tue, 21 Jun 2011 20:09:30 -0700
Subject: Re: Security test of embedded Python
From: Benjamin Kaplan <benjamin.kaplan@case.edu>
To: python-list@python.org
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
X-Junkmail-Status: score=10/49, host=mpv2.tis.cwru.edu
X-Junkmail-Signature-Raw: score=unknown, refid=str=0001.0A020207.4E015CEC.0088,ss=1,fgs=0, ip=74.125.83.182, so=2010-12-23 16:51:53, dmn=2009-09-10 00:05:08, mode=single engine
X-Junkmail-IWF: false
X-BeenThere: python-list@python.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion list for the Python programming language <python-list.python.org>
List-Unsubscribe: <http://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe>
List-Archive: <http://mail.python.org/pipermail/python-list>
List-Post: <mailto:python-list@python.org>
List-Help: <mailto:python-list-request@python.org?subject=help>
List-Subscribe: <http://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe>
Newsgroups: comp.lang.python
Message-ID: <mailman.265.1308712175.1164.python-list@python.org>
Lines: 12
NNTP-Posting-Host: 82.94.164.166
X-Trace: 1308712175 news.xs4all.nl 49180 [::ffff:82.94.164.166]:46694
X-Complaints-To: abuse@xs4all.nl
Xref: x330-a1.tempe.blueboxinc.net comp.lang.python:8172

On Tue, Jun 21, 2011 at 7:40 PM, Paul Rubin <no.email@nospam.invalid> wrote=
:
> Chris Angelico <rosuav@gmail.com> writes:
>> I'll also be looking into Pike. Unfortunately its community is far
>> smaller than Python's, so security holes may be less obvious.
>
> Actually the most obvious and widespread sandboxed language these days
> is Javascript. =A0There's several embeddable implementations. =A0Maybe yo=
u
> should just use one of those.

Use Pyjamas with that and now you have your sandboxed Python :)