On Thu, Aug 14, 2014 at 02:26:29AM +1000, Chris Angelico wrote: > On Wed, Aug 13, 2014 at 11:11 PM, Isaac Morland <ijmor...@uwaterloo.ca> wrote: > > While I would not claim a Python sandbox is utterly impossible, I'm > > suspicious that the whole "consenting adults" approach in Python is > > incompatible with a sandbox. The whole idea of a sandbox is to absolutely > > prevent people from doing things even if they really want to and know what > > they are doing.
The point of a sandbox is that I, the consenting adult writing the application in the first place, may want to allow *untrusted others* to call Python code without giving them control of the entire application. The consenting adults rule applies to me, the application writer, not them, the end-users, even if they happen to be writing Python code. If they want unrestricted access to the Python interpreter, they can run their code on their own machine, not mine. > It's certainly not *fundamentally* impossible to sandbox Python. > However, the question becomes one of how much effort you're going to > go to and how much you're going to restrict the code. I believe that PyPy has an effective sandbox, but to what degree of effectiveness I don't know. http://pypy.readthedocs.org/en/latest/sandbox.html I've had rogue Javascript crash my browser or make my entire computer effectively unusable often enough that I am skeptical about claims that Javascript in the browser is effectively sandboxed, so I'm doubly cautious about Python. -- Steven _______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
