Hi Geoffrey, On Mon, Sep 19, 2011 at 9:40 PM, Geoffrey Thomas <geo...@mit.edu> wrote: > I'm looking at building a real application using PyPy's sandbox mode, and am > having a harder time than I'd expect finding any examples of people using > the sandbox in the "real world".
This is because, as far as I know, nobody ever did anything "real" with it. At most, a few attempts were discussed but went nowhere, again to my knowledge. The basics work and are believed to be extremely secure, but with no serious review. At least reviewing the few hundreds of lines involved in sandboxing would be a good idea. It is possible that an extension module uses directly raw pointers in a buggy way which would not be caught (workaround: disable most modules); it is also possible that there is a bug in the JIT assembler generation part (workaround: disable the JIT). Right now we are missing interest and use cases to develop it more ourselves, and truthfully, it should rather be done by someone that has an interest in serious security. If you want to work in completing it, we will be happy to provide support :-) A bientôt, Armin. _______________________________________________ pypy-dev mailing list pypy-dev@python.org http://mail.python.org/mailman/listinfo/pypy-dev
