Secur(e/ing) Python?

by jesse in ,


I was reading over some of the new(er) comments on the Bugzilla Language comments page and one of them caught my eye:

Zope 3 indeed has zope.security (soon coming as an egg near you :). README.txt, code, svn co svn://svn.zope.org/repos/main/zope.security/trunk zope.security) - faassen

Reading that reminded me of Brett Cannon's work around securing the interpreter.

Restricted access / sand boxing is something I'd love to poke around in (one day, the amount of things I want to work on is growing) - the OLPC uses the very nice Bitfrost model for it's security "platform" and having something easily access/leveraged within the Python interpreter landscape for secure python application implementation would be great.

You can see some of Brett's additional work here:Python security paper online and Rethinking Imports

Here's a cool ASPN recipe too: Restricted "safe" eval.

I highly recommend people look at the new Zope stuff and Brett's work, I'll be freshening my python src tree dump and try compiling it one of these days.