[Python-Dev] Sandboxing Python
"Martin v. Löwis"
martin at v.loewis.de
Tue Mar 6 00:40:05 CET 2012
More information about the Python-Dev mailing list
Tue Mar 6 00:40:05 CET 2012
- Previous message: [Python-Dev] Sandboxing Python
- Next message: [Python-Dev] Sandboxing Python
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> I strongly disagree that sandbox is secure because it's "just > segfaults" and "any code is exploitable that way". Finding segfaults > in CPython is "easy". As in all you need is armin, a bit of coffee and > a free day. Reasons for this vary, but one of those is that python is > a large code base that does not have automatic ways of preventing such > issues like C-level recursion. > > For a comparison, PyPy sandbox is a compiled from higher-level > language program that by design does not have all sorts of problems > described. The amount of code you need to carefully review is very > minimal (as compared to the entire CPython interpreter). It does not > mean it has no bugs, but it does mean finding segfaults is a > significantly harder endeavour. There are no bug-free programs, > however having for example to segfault an arbitrary interpreter > *written* in Python would be significantly harder than one in C, > wouldn't it? While this may true, I can't conclude that we should stop fixing crashers in CPython, or give up developing CPython altogether. While it is a large code base, it is also a code base that will be around for a long time to come, so any effort spend on this today will pay off in the years to come. Regards, Martin
- Previous message: [Python-Dev] Sandboxing Python
- Next message: [Python-Dev] Sandboxing Python
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Python-Dev mailing list