Re: Gnumeric/Guile/Python



In this case, you would have to track all object allocations, which is not
efficient.  If resource limitation is that important, it probably is best
to run the client code in a separate process (which you give lower
resource limits), and have a clearly defined API for communication between
the two processes (CORBA or ILU may be appropriate here).

James.

--
Email: james@daa.com.au
WWW:   http://www.daa.com.au/~james/


On Thu, 27 May 1999, Ian McKellar wrote:

> On Thu, May 27, 1999 at 02:39:21PM +0800, James Henstridge wrote:
> > It is difficult to prevent this in just about any language.  For these
> > sort of problems, the most effective way to prevent them is to use the
> > operating system's resource limiting capabilities.  AFAIK java/javascript
> > does not have protection against these sort of attacks.
> 
> Yes, Java and JavaScript are susceptible to these attacks too - this is one of
> the reasons I looked to python for secure execution. Operating system resource
> limiting is not an option when you want to have a bunch of untrusted and
> trusted code running in one process.
> 
> Ian
> 
> -- 
> "Perl is the COBOL of the '90s" - David Basden
> 
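
Added example, not part of the original thread: a sketch in Python (POSIX only) of the separate-process approach described in the reply above, with the client code run in a child that gets lower limits than the parent. One JSON request and reply over a pipe stands in for CORBA or ILU; `WORKER`, `call_client`, the limit values and the sample snippets are assumptions made for illustration.

```python
import json
import resource
import subprocess
import sys

# Worker run in the child: one JSON request in, one JSON reply out.
WORKER = r"""
import json, sys
req = json.loads(sys.stdin.readline())
scope = {}
try:
    exec(req["code"], scope)
    reply = {"ok": scope["run"](req["args"])}
except MemoryError:
    reply = {"error": "memory limit"}
except Exception as exc:
    reply = {"error": type(exc).__name__}
print(json.dumps(reply))
"""
MEM_BYTES = 512 * 1024 * 1024  # assumed address-space cap for the child
CPU_SECONDS = 1                # assumed CPU-time cap for the child

def _limit_child():
    # Runs in the child between fork() and exec(); the parent is unaffected.
    resource.setrlimit(resource.RLIMIT_AS, (MEM_BYTES, MEM_BYTES))
    resource.setrlimit(resource.RLIMIT_CPU, (CPU_SECONDS, CPU_SECONDS))

def call_client(code, args, wall_timeout=10):
    """Run client `code` in a resource-limited child; return its reply."""
    proc = subprocess.Popen([sys.executable, "-I", "-c", WORKER],
                            stdin=subprocess.PIPE, stdout=subprocess.PIPE,
                            preexec_fn=_limit_child, text=True)
    request = json.dumps({"code": code, "args": args}) + "\n"
    try:
        out, _ = proc.communicate(request, timeout=wall_timeout)
    except subprocess.TimeoutExpired:  # sleeping uses no CPU time
        proc.kill()
        proc.communicate()
        return {"error": "wall-clock timeout"}
    if proc.returncode != 0:  # e.g. killed when the CPU limit was hit
        return {"error": "child exited %d" % proc.returncode}
    return json.loads(out)

# Constructed sample client code (not from the thread).
GOOD = "def run(a):\n    return sum(a)"
HOG = "def run(a):\n    return len(bytearray(1 << 30))"
SPIN = "def run(a):\n    while True:\n        pass"
```

The limits bound only memory and CPU time; the child still runs with the parent's file and network access, so this covers resource exhaustion and nothing else.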


