Re: [pygame] pygame web plugin

[Peter Shinners <pete@xxxxxxxxxxxx>]

J Dunford wrote:
> On Fri, Sep 5, 2008 at 6:07 PM, machinimist@xxxxxxxxx 
> <mailto:machinimist@xxxxxxxxx> <machinimist@xxxxxxxxx 
> <mailto:machinimist@xxxxxxxxx>> wrote:
>
>     hi,
>      
>     i would like to bring up this topic again since a python based
>     open source alternative to flash which could be used to create
>     browser games would be super awesome. :)
>      
>     if i understand this correctly then the main problem of something
>     like that is security.
>      
>
>
> In my experience, the general consensus with sandboxing python is - 
> don't try it. There are simply too many holes to plug, and finding 
> them in the first place is often a matter of trial and error.
>
> Having said that, there was a blog post recently (sorry, don't 
> remember where) that talked about compiling Python into Tamarin VM 
> code. There was some mention of either using PyPy as a starting point, 
> or perhaps as a reference model.
>
> So what you're proposing may already be in the works. :)


Sandboxing python must be done at the operating system and process 
level, not with Python itself. Google is already running tons of 
"untrusted" python code with their Google App Hosting. The interpreter 
and modules are modified a bit themselves, but the real security comes 
from real process sandboxing.

I also believe you can do pretty good sandboxing with different Python 
runtimes. I think Jython and Ironpython can both be run in containers 
that those systems provide. The default "CPython" interpreter can 
probably only be as secure as C itself.