Re: Gnumeric/Guile/Python

From: Ian McKellar <imckellar harvestroad com au>
To: James Henstridge <james daa com au>
Cc: Miguel de Icaza <miguel nuclecu unam mx>, lukka fas harvard edu, dmiller ilogic com au, goldin flight uchicago edu, gnome-list gnome org
Subject: Re: Gnumeric/Guile/Python
Date: Thu, 27 May 1999 11:22:52 +0800

On Thu, May 27, 1999 at 10:31:28AM +0800, James Henstridge wrote:
> 
> You have complete control over modules that the script can import (even
> giving the script a `fake' module object that could check function calls
> down to the argument level before allowing it to proceed).  This way, you
> could for instance prevent the script from importing the socket module
> (ie. no networking allowed), or check calls to the file open function to
> see if they are allowed to read/write a particular file.
> 
> You can get as fine grained security as you want with this setup.  Still,
> I agree that this type of thing should wait until we can assess possible
> problems.

I was playing about with this sort of thing with the goal of building a MUD
in Python. rexec and Bastion give you a quite good sandbox - as good as Java,
but you've still got the old problem of a malicious script creating _lots_
of objects and using up all the memory and swap.

Ian

-- 
"Perl is the COBOL of the '90s" - David Basden

Follow-Ups:
- Re: Gnumeric/Guile/Python
  - From: James Henstridge

References:
- Re: Gnumeric/Guile/Python
  - From: Miguel de Icaza
- Re: Gnumeric/Guile/Python
  - From: James Henstridge

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]