Hi, On Sun, Aug 19, 2007 at 12:33:09PM +0200, Armin Rigo wrote: > Then in the directory where the sources were created, compile with the > extra RPython-level assertions enabled: > > make CFLAGS="-O2 -DRPY_ASSERT" > mv testing_1 /some/path/pypy-c-sandbox
You can now just say 'make llsafer' instead. This enables a new flag, -DRPY_LL_ASSERT, which differs from RPY_ASSERT in some ways explained in translator/c/src/support.h and which is better suited for this situation. I would say that the resulting sandboxed PyPy is quite safe then - at most, it will abort() itself if you play too strange tricks with 'exec new.code(...)'. For paranoia bonus points you can enable both RPY_ASSERT and RPY_LL_ASSERT. For what it's worth, the -DRPY_LL_ASSERT inserts tons of checks everywhere, for an acceptable performance hit (~10%?). A bientot, Armin. _______________________________________________ [email protected] http://codespeak.net/mailman/listinfo/pypy-dev
