[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [pygame] pygame webplugin
i see. isn't there a way to block modules from being importable somehow? and only allow the absolutely needed and secure ones?
the same problem also exists with standalone pygame applications though, or not? someone could make a game that formats your harddisk? but with a webplugin it would be more serious since you potentially reach a bigger audience and it runs automatically?
On 7/8/06, Luke Paireepinart <rabidpoobear@xxxxxxxxx> wrote:
machinimist@xxxxxxxxx wrote:
> hi,
>
> with google i came across various hints that people work on a pygame
> webplugin. what did happen to these projects?
>
> i think having a python alternative to flash and java applets would be
> awesome! :)
>
> what are the difficulties involved in doing such a webplugin? i guess
> if it were easy it already would have been done?
The biggest problem I see is security.
What keeps the web programmer from doing an os.popen("FORMAT C:/") or
whatever?
you have to go through every function and make sure it's not a security
risk, and if it is, eliminate it.
Whitelisting would be the answer here I think, blacklisting would take
too long.
But yeah, being able to do animations in python would roxxor.