Re: Debian two-factor auth, GSoC?

To: debian-devel@lists.debian.org
Subject: Re: Debian two-factor auth, GSoC?
From: Don Armstrong <don@debian.org>
Date: Thu, 11 Apr 2013 23:55:37 -0700
Message-id: <[🔎] 20130412065537.GC15805@teltox.donarmstrong.com>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 8738uws0ow.fsf@windlord.stanford.edu>
References: <[🔎] 5166FCA0.70504@pocock.com.au> <[🔎] 20130411190440.GA32523@emyr.net> <[🔎] m2a9p43m5t.fsf@rahvafeir.err.no> <[🔎] 5167A1F7.9070401@debian.org> <[🔎] 8738uws0ow.fsf@windlord.stanford.edu>

On Thu, 11 Apr 2013, Russ Allbery wrote:
> Sandboxing programming languages is very difficult; most languages
> don't even attempt it. Perl used to have a sandboxing module and
> gave up on it because it was too hard, thus making it even less
> secure than Java in that specific respect, but no one calls it a
> security nightmare.

It still exists; it's called Safe. It works fairly well, but it's
really hard to balance actually being able to execute code that does
anything useful with maintaining security.


Don Armstrong

-- 
I'd never hurt another living thing.
But if I did...
It would be you.
 -- Chris Bishop  http://www.chrisbishop.com/her/archives/her69.html

http://www.donarmstrong.com              http://rzlab.ucr.edu

Reply to:

Follow-Ups:
- Re: Debian two-factor auth, GSoC?
  - From: Russ Allbery <rra@debian.org>

References:
- Debian two-factor auth, GSoC?
  - From: Daniel Pocock <daniel@pocock.com.au>
- Re: Debian two-factor auth, GSoC?
  - From: Luca Filipozzi <lfilipoz@debian.org>
- Re: Debian two-factor auth, GSoC?
  - From: Tollef Fog Heen <tfheen@err.no>
- Re: Debian two-factor auth, GSoC?
  - From: Thomas Goirand <zigo@debian.org>
- Re: Debian two-factor auth, GSoC?
  - From: Russ Allbery <rra@debian.org>

Prev by Date: Re: Debian two-factor auth, GSoC?
Next by Date: Re: Debian two-factor auth, GSoC?
Previous by thread: Re: Debian two-factor auth, GSoC?
Next by thread: Re: Debian two-factor auth, GSoC?
Index(es):
- Date
- Thread