[Python-Dev] new security doc using object-capabilities (original) (raw)

Giovanni Bajo rasky at develer.com
Thu Jul 20 12:36:35 CEST 2006

• Previous message: [Python-Dev] new security doc using object-capabilities
• Next message: [Python-Dev] new security doc using object-capabilities
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Brett Cannon wrote:

The new doc is named securingpython.txt and can be found through the svn web interface at http://svn.python.org/view/python/branches/bcannon-sandboxing/securing_python.txt?rev=50717&view=log.

How do you plan to handle CPU-hogs? Stuff like execution of a gigantic integer multiplication.

This recipe for safe_eval: http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/496746 which is otherwise very cute, does not handle this case as well: it tries to catch and interrupt long-running operations through a secondary thread, but fails on a single long operation because the GIL is not released and the alarm thread does not get its chance to run.

Giovanni Bajo

• Previous message: [Python-Dev] new security doc using object-capabilities
• Next message: [Python-Dev] new security doc using object-capabilities
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Python-Dev mailing list