Hi Vinj, On Mon, Feb 19, 2007 at 08:05 -0800, Vinj Vinj wrote: > I've been following pypy dev for several years and > this is my first post here. Thanks for all the hard > work you guys have put in, it is truly exciting to see > what pypy has accomplished so far. > > I'm currently building a distributing financial > trading application that allows users to write trading > models in python and lua. I had to introduce lua, > since there is no way to completely "secure" user > models written in cPython. > > I'm working with a modified Lua core which allows me > to restrict the max memory and max CPU cycles > available for each vm. I then have a python-lua bridge > code that allows you exchange data and function calls > between the two. > > Would I be able to do something similar with pypy?
PyPy does not (currently) aim at offering cpu/mem restrictions, but you could use virtual hosts (XEN or vserver) for that, both offer such restriction settings. PyPy itself may help with the Taint Object Space: http://codespeak.net/pypy/dist/pypy/doc/objspace-proxies.html#the-taint-object-space to track sensitive data flows in your application and prevent it from accidentally leaking. > Would I be able to ensure that no malicious user is > able to bring my hosted application down? I'd probably use kernel-level security for that, maybe in combination with VM provided features. (not sure if you refer to processing of user-input or to DOS attacks or some other security aspects, it obviously all depends a bit on concrete use cases and intentions). > Are any of you guys going to be at pycon-2007? Michael and Christian are going to be there, myself i am busy preparing for the upcoming sprints, but i am happy to discuss possibilities some time. best, holger -- merlinux GmbH Steinbergstr. 42 31139 Hildesheim http://merlinux.de tel +49 5121 20800 75 (fax 77) _______________________________________________ [email protected] http://codespeak.net/mailman/listinfo/pypy-dev
