On Thu, 06 Jan 2005 16:05:50 +0100, Peter Maas <[EMAIL PROTECTED]> wrote:
>Craig Ringer wrote:
> > That is my understanding. In fact, I'd say with Python it's nearly
> > impossible given how dynamic everything is and the number of tricks that
> > can be used to obfuscate what you're doing. Think of the fun that can be
> > had with str.encode / str.decode and getattr/hasattr.
>
> It would certainly be difficult to track all harmful code constructs.
> But AFAIK the idea of a sandbox is not to look at the offending code
> but to protect the offended objects: files, databases, URLs, sockets
> etc. and to raise a security exception when some code tries to offend
> them. Jython is as dynamic as C-Python and yet it generates class
> files behaving well under the JVM's security regime.
>
> >
> > I looked into this, and my conclusion ended up being "Well, I'm using
> > Python because I want its power and flexibility. If I want a secure
> > scripting environment, I should use something like Lua or Qt Script for
> > Applications instead."
>
> It would be good for Python if it would offer a secure mode. Some
> time ago I asked my hosting provider whether I could use mod_python
> with apache to run Python scripts in the same way as PHP scripts.
> He denied that pointing to Python security issues and to PHP safe
> mode. Python IS powerful but there are many areas where it is of
> vital interest who is allowed to use its power and what can be done
> with it. I think it would be a pity to exclude Python from these
> areas where a lot of programming/computing is done.

A Python sandbox would be useful, but the hosting provider's excuse for not allowing you to use mod_python is completely bogus. All the necessary security tools for that situation are provided by the platform in the form of process and user separation.

Jp
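
The process and user separation mentioned in the reply above, as an added example that is not part of the original thread: the untrusted script runs in its own interpreter process under kernel-enforced limits, optionally as a dedicated unprivileged account, so the protection sits on the file rather than on inspecting the code. The names `run_untrusted` and `_confine` and the `uid`/`gid` parameters are assumptions made for this illustration, and the sample script is constructed.

```python
import os
import resource
import subprocess
import sys
import tempfile


def _confine(cpu_seconds, uid, gid):
    """Build the hook that runs in the child after fork(), before exec()."""
    def apply():
        # Kernel-enforced ceilings; an unprivileged process cannot raise them.
        resource.setrlimit(resource.RLIMIT_CPU, (cpu_seconds, cpu_seconds))
        resource.setrlimit(resource.RLIMIT_FSIZE, (0, 0))  # no file may grow
        if uid is not None:      # only possible when the parent runs as root
            os.setgroups([])     # drop supplementary groups
            os.setgid(gid)       # group first: after setuid() it is too late
            os.setuid(uid)
    return apply


def run_untrusted(code, cpu_seconds=2, uid=None, gid=None):
    """Run `code` in a separate interpreter process under OS-level limits.

    uid/gid are assumptions: the numeric ids of a dedicated unprivileged
    account that owns nothing the script should be able to touch.
    """
    # Pass through only what the loader needs, not the parent's environment.
    keep = ("PATH", "LD_LIBRARY_PATH")
    env = {k: os.environ[k] for k in keep if k in os.environ}
    with tempfile.TemporaryDirectory() as scratch:
        if uid is not None:
            os.chown(scratch, uid, gid)
        return subprocess.run(
            [sys.executable, "-I", "-B", "-c", code],
            cwd=scratch, env=env, stdin=subprocess.DEVNULL,
            capture_output=True, text=True, timeout=10,
            preexec_fn=_confine(cpu_seconds, uid, gid))


# Constructed sample: reaches open() through getattr and a decoded name, the
# kind of indirection the thread says defeats code inspection, then writes.
SAMPLE = r'''
import builtins, codecs
opener = getattr(builtins, codecs.decode("bcra", "rot13"))
try:
    with opener("out.txt", "w") as fh:
        fh.write("data")
    print("written")
except OSError as exc:
    print("refused:", exc.errno)
'''

if __name__ == "__main__":
    print(run_untrusted(SAMPLE).stdout, end="")
```

The resource limits stop writes and runaway CPU use but not reads; keeping the script away from other accounts' files is the job of the `uid`/`gid` drop together with ordinary file permissions.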