[Python-Dev] The pysandbox project is broken (original) (raw)
Nick Coghlan ncoghlan at gmail.com
Sat Nov 16 01:31:05 CET 2013
- Previous message: [Python-Dev] The pysandbox project is broken
- Next message: [Python-Dev] The pysandbox project is broken
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 16 Nov 2013 08:25, "Christian Tismer" <tismer at stackless.com> wrote:
On 13/11/13 00:49, Josiah Carlson wrote:
Python-dev is for the development of the Python core language, the CPython runtime, and libraries. Your sandbox, despite using and requiring deep knowledge of the runtime, is not developing those things. If you had a series of requests for the language or runtime that would make your job easier, then your thread would be on-topic. I think you should consider to re-define you perception of the purpose of the python-dev list. Simple feature-requests is not everything. Instead, this list also touches the general direction where python should go, and discusses the current hard-to-solve problems. The sand-boxing feature via rexec, bastion etc. was perceived as a useful, quite safe thing, until it was proven to be completely broken (Samuele Pedroni et. at., 2003 I think). After that, CPython simply removed those features and failed completely to provide a better solution.
"Use an OS level sandbox" is better from a security point of view. It's just not portable :P
Cheers, Nick. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.python.org/pipermail/python-dev/attachments/20131116/e1f3ed0e/attachment.html>
- Previous message: [Python-Dev] The pysandbox project is broken
- Next message: [Python-Dev] The pysandbox project is broken
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]