Stephan Richter wrote:
> On Wednesday 21 January 2009, Andreas Jung wrote:
>> - RestrictedPython security audit: such an audit has been made
>> by Stefan and Sidnei. I am not qualified to speak about the
>> correctness of the audit. I assume they know what they were
>> doing. Unless objections one might consider this issue as
>> resolved - if not, please speak up.
>
> Note that Jim never explained to me how he does these audits, but I gathered
> some methods he used in conversations. I think I did a pretty thorough job
> during the review.
Yeah, this disturbs me a lot still though :-S
It's a shame Jim has so little time to spend on this...
It's also a shame that no one seems to be able to get any sense out of
the PyPy guys in this area...
One thing that myself and Shane talked briefly about on this list was
re-implementing the AST manipulation as dissallow-by-default filter
rather than a straight manipulation. That way, unexpected stuff should
be allowed by default. That feels like it might be a lot safer when it
comes to python version changes, but I must admit, I haven't looked
closely enough to give a definitive answer...
cheers,
Chris
--
Simplistix - Content Management, Zope & Python Consulting
- http://www.simplistix.co.uk
_______________________________________________
Zope-Dev maillist - Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )
