In a message of Sat, 30 May 2015 19:00:14 +1000, "Steven D'Aprano" writes: >I wouldn't have imagined that the claim "it's easier to secure a small >language with a few features than a big language with lots of features" >would have been so controversial. I wonder if this claim will be equally as >controversial? > >There is a rough correlation between the number of lines of code in a code >base, and the number of potential security holes that need to be guarded >against.
Maybe these aren't controversial if you are doing langauge level sandboxing, but you don't have to sandbox like that. Consider, for a moment, the sandboxing technique used by PyPy discussed at http://pypy.readthedocs.org/en/latest/sandbox.html You think it is way cool, but, alas, you want to sandbox some other language than Python. What do you do? You write an interpreter for this language in RPython. Clearly, writing such a thing will be a lot easier for 'the toy language that does hardly anything I invented this morning' as opposed to 'javascript that is expected to operate in the real world' but this has nothing to do with the security aspects of the two langauges. You'd have the exact same problem of difficulty even if you never intend to sandbox the thing at all. The sandboxing aspects will happen, automatically, as soon as you have a written a working interpreter. The layer that provides the security doesn't care about your target language, just as long as it is written in RPython. As a point of fact, We've _already got_ Topaz, a Ruby interpreter, Hippy, a PHP interpreter, a Prolog interpreter, a Smalltalk interpeter, and a javascript interpreter. Recently we got Pyket a Racket compiler. There also exist plenty of experimental languages written by academic langauge designers, and other crazy people who like such things. But don't ask the PyPy project about hard is it to sandbox one versus the other. From our point of view, they all cost the same -- free, as in _already done for you_, same as you get a JIT for free, and pluggable garbage collectors for free, etc. etc. If you find this stuff interesting, come check it out. Laura -- https://mail.python.org/mailman/listinfo/python-list
