Could we remove the f_yieldfrom attribute from frameobject
(at the Python level) before it is too late and we are stuck with it.
Issue (with patch) here:
http://bugs.python.org/issue13970
Cheers,
Mark.
___
Python-Dev mailing list
Python-Dev@python.org
You can't solve the too much time, without solving the halting problem,
Not sure what you mean by that. It seems to me that it's particularly
easy to do in a roughly portable way, with alarm() for example on all
UNIXes.
What time should you set the alarm for? How much time is enough before
Comparing two objects (of the same type for simplicity)
involves a three stage lookup:
The class has the operator C.__eq__
It can be applied to operator (descriptor protocol): C().__eq__
and it produces a result: C().__eq__(C())
Exceptions can be raised in all 3 phases,
but an exception in the
On 3/5/2012 2:54 AM, Georg Brandl wrote:
On behalf of the Python development team, I'm happy to announce the
first alpha release of Python 3.3.0.
This is a preview release, and its use is not recommended in
production settings.
Python 3.3 includes a range of improvements of the 3.x series, as
Hi,
Le 03/03/2012 22:57, Ned Deily a écrit :
The python.org OS X Pythons (and built-from-source framework builds) add
the Apple-specific directory to the search path in order to allow
sharing of installed third-party packages between the two.
The interesting thing to me here is that Ned’s
Hi,
I noticed that the top-level section in Misc/NEWS (i.e. the section
where we add entries) for 3.3 is for 3.3.0a2 (the next release), but in
2.7 and 3.2 we’re still adding entries to the sections corresponding to
the last RCs. Will the RMs move things when they merge back their
release
In article 4f54c6c3.9040...@netwok.org,
Éric Araujo mer...@netwok.org wrote:
Le 03/03/2012 22:57, Ned Deily a écrit :
The python.org OS X Pythons (and built-from-source framework builds) add
the Apple-specific directory to the search path in order to allow
sharing of installed
[edited for clarity]
In article nad-ef1c38.09444105032...@news.gmane.org,
Ned Deily n...@acm.org wrote:
[...] It affects
user-installed framework-build Pythons, such as those provided by
python.org installers, allowing [the user-installed Pythons] to [use]
distributions that [were]
On Mon, Mar 5, 2012 at 4:41 AM, Mark Shannon m...@hotpy.org wrote:
Comparing two objects (of the same type for simplicity)
involves a three stage lookup:
The class has the operator C.__eq__
It can be applied to operator (descriptor protocol): C().__eq__
and it produces a result:
2012/3/5 Serhiy Storchaka storch...@gmail.com:
05.03.12 11:09, Victor Stinner написав(ла):
pysandbox uses SIGALRM with a timeout of 5 seconds by default. You can
change this timeout or disable it completly.
pysandbox doesn't provide a function to limit the memory yet, you have
to do it
Armin Rigo wrote:
For example, let's assume we can decref
a object to 0 before its last usage, at address x. All you need is
the skills and luck to arrange that the memory at x becomes occupied
by a new bigger string object allocated at x - small_number.
That's a lot of assumptions. When you
On Tue, 06 Mar 2012 10:21:12 +1300
Greg Ewing greg.ew...@canterbury.ac.nz wrote:
What you seem to be saying is Python cannot be sandboxed,
because any code can have bugs. Or, Nothing is ever 100% secure,
because the universe is not perfect. Which is true, but not in
a very interesting way.
On Mon, Mar 5, 2012 at 1:16 PM, Victor Stinner victor.stin...@gmail.com wrote:
2012/3/5 Serhiy Storchaka storch...@gmail.com:
05.03.12 11:09, Victor Stinner написав(ла):
pysandbox uses SIGALRM with a timeout of 5 seconds by default. You can
change this timeout or disable it completly.
I challenge anymore to break pysandbox! I would be happy if anyone
breaks it because it would make it more stronger.
I tried to run the files from Lib/test/crashers and --- kind of
obviously --- I found at least two of them that still segfaults
execfile.py, sometimes with minor edits and
Just forbid the sandboxed code from using the signal module, and set
the signal to the default action (abort).
Ah yes, good idea. It may be an option because depending on the use
case, failing with abort is not always the best option.
The signal module is not allowed by the default policy.
05.03.12 23:16, Victor Stinner написав(ла):
Apply the timeout would require to modify the sum() function.
sum() is just one, simple, example. Any C code could potentially run
long enough. Another example is the recently discussed hashtable
vulnerability:
class badhash: __hash__ =
05.03.12 23:47, Guido van Rossum написав(ла):
Maybe it would make more sense to add such a test to xrange()? (Maybe
not every iteration but every 10 or 100 iterations.)
`sum([10**100]*100)` leads to same effect.
___
Python-Dev mailing list
On Mon, Mar 5, 2012 at 1:21 PM, Greg Ewing greg.ew...@canterbury.ac.nz wrote:
Armin Rigo wrote:
For example, let's assume we can decref
a object to 0 before its last usage, at address x. All you need is
the skills and luck to arrange that the memory at x becomes occupied
by a new bigger
For a comparison, PyPy sandbox is a compiled from higher-level
language program that by design does not have all sorts of problems
described. The amount of code you need to carefully review is very
minimal (as compared to the entire CPython interpreter). It does not
mean it has no bugs, but
I strongly disagree that sandbox is secure because it's just
segfaults and any code is exploitable that way. Finding segfaults
in CPython is easy. As in all you need is armin, a bit of coffee and
a free day. Reasons for this vary, but one of those is that python is
a large code base that does
On Mon, Mar 5, 2012 at 3:40 PM, Martin v. Löwis mar...@v.loewis.de wrote:
I strongly disagree that sandbox is secure because it's just
segfaults and any code is exploitable that way. Finding segfaults
in CPython is easy. As in all you need is armin, a bit of coffee and
a free day. Reasons for
This fix should be applied to the documentation as well.
On Tue, Mar 6, 2012 at 08:59, larry.hastings python-check...@python.org wrote:
http://hg.python.org/cpython/rev/d8f68195210e
changeset: 75448:d8f68195210e
user: Larry Hastings la...@hastings.org
date: Mon Mar 05 22:59:13
22 matches
Mail list logo
