On 22.01.2009 10:38, Chris Withers wrote:
Stephan Richter wrote:
On Wednesday 21 January 2009, Andreas Jung wrote:
- RestrictedPython security audit: such an audit has been made by Stefan and Sidnei. I am not qualified to speak about the correctness of the audit. I assume they know what they were doing. Unless there are objections, one might consider this issue as resolved - if not, please speak up.
Note that Jim never explained to me how he does these audits, but I gathered some methods he used in conversations. I think I did a pretty thorough job during the review.
Yeah, this disturbs me a lot still though :-S
It's a shame Jim has so little time to spend on this...
Take your hat and collect some money for hiring Jim :-)
It's also a shame that no one seems to be able to get any sense out of the PyPy guys in this area...
One thing that myself and Shane talked briefly about on this list was re-implementing the AST manipulation as disallow-by-default filter rather than a straight manipulation. That way, unexpected stuff should be allowed by default. That feels like it might be a lot safer when it comes to python version changes, but I must admit, I haven't looked closely enough to give a definitive answer...
You know the difference between fiction and the reality. We have RP now and have to deal with it within a reasonable amount of time.

Andreas
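
The disallow-by-default filter idea raised in the quoted discussion, as an added example that is not part of the original message and is not RestrictedPython's code: a checker that walks a parsed AST and refuses any node type missing from an explicit allowlist, so syntax introduced by a newer Python version is rejected until someone reviews it. The allowlist contents, the underscore-name policy and the names ALLOWED_NODES, DisallowedSyntax, check_source and rejected are assumptions made for illustration.

```python
import ast

# Assumption: a deliberately small allowlist covering simple assignments and
# arithmetic/boolean expressions. Anything not listed here is rejected.
ALLOWED_NODES = (
    ast.Module, ast.Expr, ast.Assign, ast.Name, ast.Load, ast.Store,
    ast.Constant, ast.BinOp, ast.UnaryOp, ast.Add, ast.Sub, ast.Mult,
    ast.Div, ast.USub, ast.Compare, ast.Eq, ast.NotEq, ast.Lt, ast.Gt,
    ast.BoolOp, ast.And, ast.Or, ast.IfExp,
)


class DisallowedSyntax(Exception):
    """Raised when the source contains a node that is not allowlisted."""


def check_source(source):
    """Parse `source` and return the tree if every node is allowlisted."""
    tree = ast.parse(source)
    for node in ast.walk(tree):
        # Exact type match (not isinstance): a subclass added by a future
        # Python release must not inherit approval from its parent class.
        if type(node) not in ALLOWED_NODES:
            raise DisallowedSyntax(
                "%s at line %s"
                % (type(node).__name__, getattr(node, "lineno", "?"))
            )
        # Node types alone are not enough: underscore-prefixed names are
        # refused as well (assumed policy for this example).
        if isinstance(node, ast.Name) and node.id.startswith("_"):
            raise DisallowedSyntax(
                "name %r at line %d" % (node.id, node.lineno)
            )
    return tree


def rejected(source):
    """Return the rejection reason for `source`, or None if it passes."""
    try:
        check_source(source)
    except DisallowedSyntax as exc:
        return str(exc)
    return None
```

A filter like this only decides which syntax is accepted; what the accepted names resolve to at run time still has to be controlled separately.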