[Python-Dev] Reviving restricted mode? (original) (raw)

Guido van Rossum guido at python.org
Sun Feb 22 22:17:06 CET 2009

• Previous message: [Python-Dev] Reviving restricted mode?
• Next message: [Python-Dev] Reviving restricted mode?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, Feb 22, 2009 at 12:10 PM, Greg Ewing <greg.ewing at canterbury.ac.nz> wrote:

Tav is interested in using this on app engine, which doesn't care about segfaults -- the process is simply restarted, nobody gains access to information they shouldn't have. App engine does care about overwriting memory, That doesn't make sense -- how can something not care about segfaults, but care about memory overwriting? If something is capable of causing a segfault, you can't be sure it won't just corrupt memory in some way that doesn't segfault but causes some other problem.

To be more precise, we don't care about crashes caused by NULL pointer dereferencing. Most of the demonstrated crashers work by causing a NULL pointer dereference. Since that crashes immediately, there is no possibility for a further exploit.

-- --Guido van Rossum (home page: http://www.python.org/~guido/)

• Previous message: [Python-Dev] Reviving restricted mode?
• Next message: [Python-Dev] Reviving restricted mode?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Python-Dev mailing list