Hi Laura, I should have known that you'd be one of the first to reply. ;-)
On Dec 9, 2007 6:04 PM, Laura Creighton <[EMAIL PROTECTED]> wrote: > In a message of Sun, 09 Dec 2007 13:22:10 -0400, "Andre Roberge" writes: > You may want to start by reading this. > http://codespeak.net/pypy/dist/pypy/doc/sandbox.html I had read that, but it was not clear to me. > > Cpython is the python you know and use, the one that is written in C. > pypy-c is a pypy interpreter, which could be interpreting python, but > could also be interpreting prolog, or javascript, or squeak -- and > which produces as its output c code that you can run. Just so you > don't confuse them as you are reading. > Ok, I had more or less understood that. > > > [snip] > > > >Here are a few more specific questions: > > > >1 a. Is it possible to create a "sandboxed python interpreter" that > >can be included as a module distributed with a cPython based program > >(Crunchy) without having pypy included in the distribution? > >1 b. If so, does that module has to be (pre-)compiled for a given > >target machine? > > > >2. Is it possible to limit the time for a given process (as mentioned abo > >ve)? > > > > This list is the appropriate place for this discussion. But so is > #pypy on irc.freenode.net. There you can hold real conversations, > so its often faster to figure things out by talking to us there. > Sorry, I'm too old for the irc stuff ;-) > Can you post the details of the architecture of crunchy? Hmm, I'm not sure I can do that very well... the best I can do I think is to describe what it does. 1. Crunchy retrieves an html page. 2. It process it, removing pre-existing javascript and various undesired html tags 3. It identifies where it needs to add custom elements (new html tags & javascript code) 4. It feeds the page to the browser, leaving a line of communication open, waiting for user instruction. At step 3. above, a new thread is started for each place in the page where an interaction with a Python interpreter is required. Following user interaction (click of a button or entering some code in an html input box), the user code is fed back to the appropriate interpreter (thread) and the result is sent back to the browser. If I recall correctly, the interpreter used is a small variation from code.py included in Python standard library. It is this part (I believe) that needs to be sandboxed - a single module. > Where does > the student's code run? On the student's machine? or on the teacher's > server machine? Right now Crunchy is primarily used in a single user environment. It would be possible to host it on a server, but it would be very insecure to do so. Ideally it should be hosted in a secure way on a server in most situations. > > The ability to sandbox is a property of the architecture of pypy. > It's not a module that you could port to Cpython. The person you > want to sandbox has to be running pypy. > Darn :( I was hoping I could somehow just call a sandboxed interpreter module .... Then again, it means that I'll have to try pypy myself, and play with it - something I meant to do ... but did not for lack of time. It also makes it more of a burden on potential users if they have to install pypy in addition to Crunchy. Thanks for your clarifications, > Laura > PS. Yes, Laura, it is cold and there is snow (unusual at this time of the year) in your beloved Nova Scotia ;-) _______________________________________________ [email protected] http://codespeak.net/mailman/listinfo/pypy-dev
