Notes about Python Security.
Taint mode
Nicole King (cats-muvva.net) wrote a taint mode for CPython 3.0: http://www.cats-muvva.net/software/
Problems:
amaury: The patch is indeed huge!
fijall: it seems that every function that returns a PyObject must be modified
fijall: need to patch (...) all places that might modify anything. (All side effects)
=> ncoghlan: PyPy is still a *much* better platform for that kind of experimentation than CPython
See also the presentation: [http://us.pycon.org/common/talkdata/PyCon2007/062/PyCon_2007.pdf Securing Python: Controlling the abilities of the interpreter], PyCon US 2007, Brett Cannon and Eric Wohlstadter
Python Security Response Team
Some members:
- Brett Cannon
Email: security AT python.org
Controlling Access to Resources Within The Python Interpreter
URL: http://sayspy.blogspot.com/2007/04/python-security-paper-online.html
Paper: [http://www.cs.ubc.ca/~drifty/papers/python_security.pdf Controlling Access to Resources Within The Python Interpreter], Brett Cannon and Eric Wohlstadter, University of British Columbia