It seems that there is in fact people out there that are actively trying to create a secure Python; as in a Python that can be used to execute untrusted code within, without endangering your trusted code (or filesystem for that matter).
I was google "securing python" out of interest, to see if something has happened in this respect since the time when I was looking into it when designing my Scavenger system, and it seems that there have been some important progress since then. I found this great article by Tav (Vageesan Sivapathasundaram). It describes how a security system based on object capabilities can be built (and is in fact being built) within the Python interpreter. Some of the ideas are reminiscent of my approach - but what they are doing here is way cooler than what I was playing around with ;-)
By the way they are having a hack-attack, exactly like I did when I was testing Scavenger's security system :-)
No comments:
Post a Comment