[Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited) (original) (raw)

Jon Ribbens jon+python-dev at unequivocal.co.uk
Sun Apr 10 12:43:08 EDT 2016

On Sat, Apr 09, 2016 at 02:43:19PM +0200, Victor Stinner wrote:

Please don't loose time trying yet another sandbox inside CPython. It's just a waste of time. It's broken by design.

Please read my email about my attempt (pysandbox): https://lwn.net/Articles/574323/ And the LWN article: https://lwn.net/Articles/574215/ There are a lot of safe ways to run CPython inside a sandbox (and not rhe opposite). I started as you, add more and more things to a blacklist, but it doesn't work.

That's the opposite of my approach though - I'm starting small and adding things, not starting with everything and removing stuff. Even if what we end up with is an extremely restricted subset of Python, there are still cases where that could be a useful tool to have.

I've read your links above, and indeed everything I can find written by anyone about historical attempts to sandbox Python. I'm aware that others have tried and failed at this in the past, so it's certainly true that there is room for suspicion that this simply cannot be done.

However on the other hand, nobody has tried before to do what I am doing (static code analysis), so it's not necessarily a safe assumption that the idea is doomed. For example, as far as I can see, none of the methods used to break out of your pysandbox would work to break out of my experiment.

More information about the Python-Dev mailing list