Message 385410 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	Mark.Shannon
Recipients	Mark.Shannon, ammar2, christian.heimes, lunixbochs2, steve.dower, vstinner
Date	2021-01-21.11:53:07
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1611229987.38.0.389502725439.issue42800@roundup.psfhosted.org>
In-reply-to

Content
I agree with Victor, we should not be attempting to build a sandbox. https://www.python.org/dev/peps/pep-0578/#why-not-a-sandbox Preventing access to global variables is next to impossible. Adding more and more hooks to prevent access to globals, merely adds the illusion of security. Sooner or later, someone will find a path to globals that would have a serious impact on performance to block. We should assume that globals are accessible from user code, and write the audit function accordingly. Either in C or using a closure.

I agree with Victor, we should not be attempting to build a sandbox.
https://www.python.org/dev/peps/pep-0578/#why-not-a-sandbox

Preventing access to global variables is next to impossible. Adding more and more hooks to prevent access to globals, merely adds the illusion of security. Sooner or later, someone will find a path to globals that would have a serious impact on performance to block.

We should assume that globals are accessible from user code, and write the audit function accordingly. Either in C or using a closure.

History
Date	User	Action	Args
2021-01-21 11:53:07	Mark.Shannon	set	recipients: + Mark.Shannon, vstinner, christian.heimes, steve.dower, ammar2, lunixbochs2
2021-01-21 11:53:07	Mark.Shannon	set	messageid: <1611229987.38.0.389502725439.issue42800@roundup.psfhosted.org>
2021-01-21 11:53:07	Mark.Shannon	link	issue42800 messages
2021-01-21 11:53:07	Mark.Shannon	create