Brett Cannon schrieb:
Basically I am making sure that Python, at the interpreter level (of which there can be several in a single process), can be sandboxed so that they don't harm the OS or other interpreters.
>
My hope is to come up with an interpreter that could run code uploaded by a random user to a web page without any worries of the system being harmed. Hopefully that is enough to let kids experiment without destroying their machines.
That's how Squeak's VM-level sandboxing works, too. Before loading untrusted content we enter sandbox-mode, which is a one-way switch. We use that for Etoys for a couple of years now at squeakland.org.
For those unfamiliar with Etoys - it's a graphic programming environment for kids built in Squeak. While simple on the surface, you can actually get to the underlying Smalltalk system which is a full programming environment.
I just started working on VM-level Sugar integration for Squeak. Others have been working at content-level for quite a while already.
- Bert - _______________________________________________ Sugar mailing list [email protected] http://mailman.laptop.org/mailman/listinfo/sugar
