[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian two-factor auth, GSoC?



Don Armstrong <don@debian.org> writes:
> On Thu, 11 Apr 2013, Russ Allbery wrote:

>> Sandboxing programming languages is very difficult; most languages
>> don't even attempt it. Perl used to have a sandboxing module and gave
>> up on it because it was too hard, thus making it even less secure than
>> Java in that specific respect, but no one calls it a security
>> nightmare.

> It still exists; it's called Safe. It works fairly well, but it's really
> hard to balance actually being able to execute code that does anything
> useful with maintaining security.

Oh, I thought they'd given up on Safe.  For some reason it stuck in my
mind that it had too many issues and ended up being deprecated.
Apparently, I either made that up or misremembered something.

Thanks for the correction!

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>


Reply to: