Revision 7 as of 2008-12-05 15:07:58

Notes about Python Security.

Taint mode

Nicole King wrote a taint mode for CPython 3.0: Python Taint Management.


=> ncoghlan: PyPy is still a *much* better platform for that kind of experimentation than CPython

See also the presentation: Securing Python: Controlling the abilities of the interpreter, PyCon US 2007, Brett Cannon and Eric Wohlstadter

Python Security Response Team

Some members:

Email: security AT

Controlling Access to Resources Within The Python Interpreter


See PyPy project: PyPy's sandboxing features.

Unsafe modules


Victor Stinner wrote a fuzzer called Fusil to test Python. It has already helped to fix many bugs. fusil-python works on Python 2.4 through 3.0.

Fusil was also used on PyPy (Finding Bugs in PyPy with a Fuzzer).
