I hope you are at least aware that over the years various multi-year
attempts to create Python sandboxes ultimately failed to the point of being
altogether abandoned.

Python and JavaScript differ fundamentally in that the Python runtime is
intrinsically bound to I/O, like filesystem access - which is a thing that
is isolated and "plugged-in by the environment" in JavaScript.

Besides that, the object model allows one to - sometimes not so easily, but
always consistently - bypass any write-restrictions to variables and other
memory states that would be used to restrict any access.

Ultimately any sandboxing in Python has to be accomplished at OS level
(like running everything in a container), at which point there is no
granularity to restrict individual Python packages or modules anyway.

On Sun, Feb 26, 2023 at 12:32 PM python--- via Python-ideas <
python-ideas@python.org> wrote:

> Hello all,
>
> Supply chain attacks are becoming a pressing concern in software
> development due to the large number of dependencies and multiple attack
> vectors. Using third party modules (libraries, packages etc) is always a
> risk but the true potential of these attacks is now being weaponized. One
> way to deal with the risk is by limiting access to sensitive APIs like
> filesystem, shell, network and ffi so that packages which aren't explicitly
> granted permissions cannot use them, reducing their ability to do damage.
>
> For example, a yaml parser should not need to use ffi, network nor shell.
> A command line argument parser library should not use network, ffi nor
> filesystem. Deno, a runtime for TypeScript, contains an interesting
> implementation of a permissions model for APIs.
>
> I strongly think Python could benefit from such functionality and hacked
> together a quick experiment here: https://github.com/R9295/cpython
> Currently, it only prevents module imports in a very elementary manner but
> perhaps it can be of use to spark a discussion for an implementation.
>
> Looking forward to your thoughts,
> Aarnav
> _______________________________________________
> Python-ideas mailing list -- python-ideas@python.org
> To unsubscribe send an email to python-ideas-le...@python.org
> https://mail.python.org/mailman3/lists/python-ideas.python.org/
> Message archived at
> https://mail.python.org/archives/list/python-ideas@python.org/message/MZNP5ZJBLMUO74PMZGWJGM6TAZXBK5AS/
> Code of Conduct: http://python.org/psf/codeofconduct/
>
_______________________________________________
Python-ideas mailing list -- python-ideas@python.org
To unsubscribe send an email to python-ideas-le...@python.org
https://mail.python.org/mailman3/lists/python-ideas.python.org/
Message archived at 
https://mail.python.org/archives/list/python-ideas@python.org/message/U6YSNV5N2YATTZDSGXU4USA3P7TKEIBZ/
Code of Conduct: http://python.org/psf/codeofconduct/