Re: [Python-Dev] The pysandbox project is broken

On Sat, Nov 16, 2013 at 02:53:22AM -0800, Maciej Fijalkowski wrote: > On Fri, Nov 15, 2013 at 6:56 PM, Trent Nelson wrote: > > On Tue, Nov 12, 2013 at 01:16:55PM -0800, Victor Stinner wrote: > >> pysandbox cannot be used in practice > >> > >> > >> To protect th

Re: [Python-Dev] The pysandbox project is broken

On Fri, Nov 15, 2013 at 6:56 PM, Trent Nelson wrote: > On Tue, Nov 12, 2013 at 01:16:55PM -0800, Victor Stinner wrote: >> pysandbox cannot be used in practice >> >> >> To protect the untrusted namespace, pysandbox installs a lot of >> different protections. Bec

Re: [Python-Dev] The pysandbox project is broken

On Sat, Nov 16, 2013 at 12:12 PM, Nick Coghlan wrote: > On 16 Nov 2013 11:35, "Christian Tismer" wrote: >> IOW: Do we really need a full abstraction, embedded in a virtual OS, or >> is there already a compromise that suits 98 percent of the common needs? >> >> I think as a starter, categorizing t

Re: [Python-Dev] The pysandbox project is broken

On 16 Nov 2013 11:35, "Christian Tismer" wrote: > IOW: Do we really need a full abstraction, embedded in a virtual OS, or > is there already a compromise that suits 98 percent of the common needs? > > I think as a starter, categorizing the expectations of some measure of > 'secure python' > would

Re: [Python-Dev] The pysandbox project is broken

On 11/15/2013 02:24 PM, Christian Tismer wrote: I appreciate very much that Victor tried his best to fill that old gap. And after that breakage happened again, I think it is urgent to have an > in-depth discussion how that situation should be treated in the > future. +1 -- ~Ethan~ __

Re: [Python-Dev] The pysandbox project is broken

On 16.11.13 01:35, Guido van Rossum wrote: On Fri, Nov 15, 2013 at 4:31 PM, Nick Coghlan > wrote: "Use an OS level sandbox" *is* better from a security point of view. It's just not portable :P Honestly, I don't believe in portable security. :-) BTW, in case

Re: [Python-Dev] The pysandbox project is broken

On Fri, Nov 15, 2013 at 4:31 PM, Nick Coghlan wrote: > "Use an OS level sandbox" *is* better from a security point of view. It's > just not portable :P > Honestly, I don't believe in portable security. :-) BTW, in case it wasn't clear, I think it was a courageous step by Victor to declare defea

Re: [Python-Dev] The pysandbox project is broken

On 16 Nov 2013 08:25, "Christian Tismer" wrote: > > On 13/11/13 00:49, Josiah Carlson wrote: >> >> >> Python-dev is for the development of the Python core language, the CPython runtime, and libraries. Your sandbox, despite using and requiring deep knowledge of the runtime, is not developing those

Re: [Python-Dev] The pysandbox project is broken

On 13/11/13 00:49, Josiah Carlson wrote: Python-dev is for the development of the Python core language, the CPython runtime, and libraries. Your sandbox, despite using and requiring deep knowledge of the runtime, is not developing those things. If you had a series of requests for the language

Re: [Python-Dev] The pysandbox project is broken

On Nov 15, 2013, at 12:34 PM, Victor Stinner wrote: > 2013/11/15 Trent Nelson : >>This sounds a lot like the work I initially did with PyParallel to >>try and intercept/prevent parallel threads mutating main-thread >>objects. >> >>I ended up arriving at a much better solution by

Re: [Python-Dev] The pysandbox project is broken

2013/11/15 Trent Nelson : > This sounds a lot like the work I initially did with PyParallel to > try and intercept/prevent parallel threads mutating main-thread > objects. > > I ended up arriving at a much better solution by just relying on > memory protection; main thread pages

Re: [Python-Dev] The pysandbox project is broken

On Tue, Nov 12, 2013 at 01:16:55PM -0800, Victor Stinner wrote: > pysandbox cannot be used in practice > > > To protect the untrusted namespace, pysandbox installs a lot of > different protections. Because of all these protections, it becomes > hard to write Py

Re: [Python-Dev] The pysandbox project is broken

Hi Victor, On Wed, Nov 13, 2013 at 12:58 AM, Victor Stinner wrote: > I now gave up on sandboxing Python. I just would like to warn other > core developers that trying to put a sandbox in Python is not a good > idea :-) I cannot thank you enough for writing this mail :-) It is a great place to p

Re: [Python-Dev] The pysandbox project is broken

On Wed, Nov 13, 2013 at 10:27 AM, Brett Cannon wrote: > > > > On Wed, Nov 13, 2013 at 1:05 PM, Eli Bendersky wrote: > >> >> >> >> On Wed, Nov 13, 2013 at 6:58 AM, Brett Cannon wrote: >> >>> >>> >>> >>> On Wed, Nov 13, 2013 at 6:30 AM, Facundo Batista < >>> facundobati...@gmail.com> wrote: >>> >

Re: [Python-Dev] The pysandbox project is broken

On Wed, Nov 13, 2013 at 2:48 PM, Christian Heimes wrote: > Am 13.11.2013 23:37, schrieb Eli Bendersky: > > Yeah, it definitely could. There are two problems currently: 1) the > > patches are for 2.7.x and 2) they have some ugly hacks in them. But I > > will talk to the guy who worked on that and h

Re: [Python-Dev] The pysandbox project is broken

Am 13.11.2013 23:37, schrieb Eli Bendersky: > Yeah, it definitely could. There are two problems currently: 1) the > patches are for 2.7.x and 2) they have some ugly hacks in them. But I > will talk to the guy who worked on that and hopefully we'll be able to > have something cleaned up for upstream

Re: [Python-Dev] The pysandbox project is broken

On Wed, Nov 13, 2013 at 10:27 AM, Brett Cannon wrote: > > > > On Wed, Nov 13, 2013 at 1:05 PM, Eli Bendersky wrote: > >> >> >> >> On Wed, Nov 13, 2013 at 6:58 AM, Brett Cannon wrote: >> >>> >>> >>> >>> On Wed, Nov 13, 2013 at 6:30 AM, Facundo Batista < >>> facundobati...@gmail.com> wrote: >>> >

Re: [Python-Dev] The pysandbox project is broken

On Wed, Nov 13, 2013 at 1:05 PM, Eli Bendersky wrote: > > > > On Wed, Nov 13, 2013 at 6:58 AM, Brett Cannon wrote: > >> >> >> >> On Wed, Nov 13, 2013 at 6:30 AM, Facundo Batista < >> facundobati...@gmail.com> wrote: >> >>> On Wed, Nov 13, 2013 at 4:37 AM, Maciej Fijalkowski >>> wrote: >>> >>> >

Re: [Python-Dev] The pysandbox project is broken

On Wed, Nov 13, 2013 at 6:58 AM, Brett Cannon wrote: > > > > On Wed, Nov 13, 2013 at 6:30 AM, Facundo Batista > wrote: > >> On Wed, Nov 13, 2013 at 4:37 AM, Maciej Fijalkowski >> wrote: >> >> >> Do you think it would be productive to create an independent Python >> >> compiler, designed with sa

Re: [Python-Dev] The pysandbox project is broken

On 13/11/2013 09:33, Simon Cross wrote: Thanks for writing this email. It's well written and it takes a lot of character to stand up and say you went down the wrong road. While I'm here - thanks also for all your work on core Python. As a Python user I really appreciate it. Schiavo Simon Big

Re: [Python-Dev] The pysandbox project is broken

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/13/2013 01:54 AM, Nick Coghlan wrote: > I actually applaud his decision to post his final conclusion to the > list, even though it wasn't the outcome he was hoping for. Negative > data is still data :) Amen! I also applaud the work he put into

Re: [Python-Dev] The pysandbox project is broken

On Wed, Nov 13, 2013 at 6:30 AM, Facundo Batista wrote: > On Wed, Nov 13, 2013 at 4:37 AM, Maciej Fijalkowski > wrote: > > >> Do you think it would be productive to create an independent Python > >> compiler, designed with sandboxing in mind from the beginning? > > > > PyPy sandbox does work FYI

Re: [Python-Dev] The pysandbox project is broken

On Wed, Nov 13, 2013 at 4:37 AM, Maciej Fijalkowski wrote: >> Do you think it would be productive to create an independent Python >> compiler, designed with sandboxing in mind from the beginning? > > PyPy sandbox does work FYI > > It might not do exactly what you want, but it both provides a full

Re: [Python-Dev] The pysandbox project is broken

Thanks for writing this email. It's well written and it takes a lot of character to stand up and say you went down the wrong road. While I'm here - thanks also for all your work on core Python. As a Python user I really appreciate it. Schiavo Simon ___ P

Re: [Python-Dev] The pysandbox project is broken

2013/11/13 Glenn Linderman : > If it is an implementation issue, then perhaps a different implementation > would help. Or perhaps a "safe compiler". There is PyPy with its sandbox. > If it is a language design issue, then a different implementation wouldn't > help, it would require a new language

Re: [Python-Dev] The pysandbox project is broken

On Wed, Nov 13, 2013 at 2:11 AM, Steven D'Aprano wrote: > On Wed, Nov 13, 2013 at 12:58:42AM +0100, Victor Stinner wrote: > >> I now gave up on sandboxing Python. I just would like to warn other >> core developers that trying to put a sandbox in Python is not a good >> idea :-) > > Do you mean CPy

Re: [Python-Dev] The pysandbox project is broken

Am 13.11.2013 00:49, schrieb Josiah Carlson: > Python-dev is for the development of the Python core language, the CPython > runtime, and libraries. Your sandbox, despite using and requiring deep > knowledge > of the runtime, is not developing those things. If you had a series of > requests > for

Re: [Python-Dev] The pysandbox project is broken

On 13 Nov 2013 09:56, "Josiah Carlson" wrote: > > Python-dev is for the development of the Python core language, the CPython runtime, and libraries. Your sandbox, despite using and requiring deep knowledge of the runtime, is not developing those things. If you had a series of requests for the lang

Re: [Python-Dev] The pysandbox project is broken

On 13 Nov 2013 12:11, "Christian Heimes" wrote: > > Am 13.11.2013 01:47, schrieb Glenn Linderman: > > If it is an implementation issue, then perhaps a different > > implementation would help. Or perhaps a "safe compiler". > > > > If it is a language design issue, then a different implementation >

Re: [Python-Dev] The pysandbox project is broken

On 13 Nov 2013 13:44, "Ned Batchelder" wrote: > > On 11/12/13 6:48 PM, Terry Reedy wrote: >> >> On 11/12/2013 4:16 PM, Victor Stinner wrote: >> >>> It would also be nice to help developers looking for a sandbox for >>> their application. Please tell me if you know sandbox projects for >>> Python s

Re: [Python-Dev] The pysandbox project is broken

On 11/12/13 6:48 PM, Terry Reedy wrote: On 11/12/2013 4:16 PM, Victor Stinner wrote: It would also be nice to help developers looking for a sandbox for their application. Please tell me if you know sandbox projects for Python so I can redirect users of pysandbox to a safer solution. I already k

Re: [Python-Dev] The pysandbox project is broken

Am 13.11.2013 01:47, schrieb Glenn Linderman: > If it is an implementation issue, then perhaps a different > implementation would help. Or perhaps a "safe compiler". > > If it is a language design issue, then a different implementation > wouldn't help, it would require a new language, or a restric

Re: [Python-Dev] The pysandbox project is broken

On 11/12/2013 4:11 PM, Steven D'Aprano wrote: On Wed, Nov 13, 2013 at 12:58:42AM +0100, Victor Stinner wrote: >I now gave up on sandboxing Python. I just would like to warn other >core developers that trying to put a sandbox in Python is not a good >idea:-) Do you mean CPython? Do you think i

Re: [Python-Dev] The pysandbox project is broken

On Wed, Nov 13, 2013 at 12:58:42AM +0100, Victor Stinner wrote: > I now gave up on sandboxing Python. I just would like to warn other > core developers that trying to put a sandbox in Python is not a good > idea :-) Do you mean CPython? Do you think it would be productive to create an independen

Re: [Python-Dev] The pysandbox project is broken

On Tue, Nov 12, 2013 at 3:53 PM, Victor Stinner wrote: > 2013/11/13 Terry Reedy : > > There are several websites running submitted Python code (and in some > cases, > > many other languages). > > ProjectEuler > > CodeAcademy (I think they use someone else's code box) > > CheckIO.org - python only

Re: [Python-Dev] The pysandbox project is broken

2013/11/13 Terry Reedy : > There are several websites running submitted Python code (and in some cases, > many other languages). > ProjectEuler > CodeAcademy (I think they use someone else's code box) > CheckIO.org - python only > other coding challenge sites > I suspect they use sandboxed processe

Re: [Python-Dev] The pysandbox project is broken

2013/11/13 Josiah Carlson : > Python-dev is for the development of the Python core language, the CPython > runtime, and libraries. Your sandbox, despite using and requiring deep > knowledge of the runtime, is not developing those things. If you had a > series of requests for the language or runtime

Re: [Python-Dev] The pysandbox project is broken

Python-dev is for the development of the Python core language, the CPython runtime, and libraries. Your sandbox, despite using and requiring deep knowledge of the runtime, is not developing those things. If you had a series of requests for the language or runtime that would make your job easier, th

Re: [Python-Dev] The pysandbox project is broken

On 11/12/2013 4:16 PM, Victor Stinner wrote: It would also be nice to help developers looking for a sandbox for their application. Please tell me if you know sandbox projects for Python so I can redirect users of pysandbox to a safer solution. I already know PyPy sandbox. There are several web

Re: [Python-Dev] The pysandbox project is broken

On 13 Nov 2013 07:18, "Victor Stinner" wrote: > > Please tell me if you know sandbox projects for Python so I can > redirect users of pysandbox to a safer solution. I already know PyPy > sandbox. Sandboxing is hard enough (see also the many JVM vulnerabilities) that the only ones I even remotely

[Python-Dev] The pysandbox project is broken

Hi, After having work during 3 years on a pysandbox project to sandbox untrusted code, I now reached a point where I am convinced that pysandbox is broken by design. Different developers tried to convinced me before that pysandbox design is unsafe, but I had to experience it myself to be convinece