Steven D'Aprano wrote: > On Thu, 16 Nov 2006 04:02:58 +0100, Fredrik Tolf wrote: > > >>Hi List! >> >>I was thinking about secure Python code execution, and I'd really >>appreciate some comments from those who know Python better than I do. >> >>I was thinking that maybe it could be possible to load and run untrusted >>Python code, simply by loading it in a module with a modified version of >>__builtins__. Without any reachable function that do unsafe operations, >>code running from there shouldn't be able to do evil things. > > > How would you prevent a Denial Of Service attack like this? > > # don't try this at home kids! leave this to the professionals! > n = 10000**4 > L = [] > for i in range(n): > L.append(str(2L**n)) > > Here's an interesting one. Bug or deliberate attack? > > > def evens(): > # iterator returning even numbers > i = 0 > while True: > yield i > i += 2 > # now get all the even numbers up to 15 > L = [n for n in evens() if n < 15] > > >
congraulations you have discovered loops and their misuse -- http://mail.python.org/mailman/listinfo/python-list
