[Python-Dev] Python jail: whitelist vs blacklist (original) (raw)

Christian Heimes lists at cheimes.de
Tue Feb 24 18:16:06 CET 2009

• Previous message: [Python-Dev] Python jail: whitelist vs blacklist
• Next message: [Python-Dev] Core sprint page for PyCon 2009 now up
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Victor Stinner wrote:

This approach was implemented in PyPy using two interpreters.

In CPython, we may use proxies on anything to check all operations. jail -- validations --> real world jail <-- proxy objects -- real world tav's jail might be converted to the whitelist approach: - add proxy to builtins - add proxy to globals() - add proxy to dir() - ... well, add proxies to anything going to the jail ;-) and make sure that a proxy can not be modified by itself or read private attributes My approach is maybe naive and imposible to implement :-)

Something similar to your approach is already implemented in Zope 3's security system. Have a look at http://svn.zope.org/zope.security/trunk/src/zope/security/

Christian

• Previous message: [Python-Dev] Python jail: whitelist vs blacklist
• Next message: [Python-Dev] Core sprint page for PyCon 2009 now up
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Python-Dev mailing list