Re: Python CGI sandboxing advice (packaging of Online Python Tutor) - Was: Re: Best-practice / howto packaging of CGI-based Web app ?
On Sun, Feb 9, 2014 at 11:05 PM, Olivier Berger wrote:
> AFAICS for now, it uses a whitelist of python modules that are allowed
> (see [0]).
Those look mostly safe. Only things I could think of would be entropy
exhaustion via random or DoS via a big bunch of math or a big regex. I
would suggest asking debian-python or the upstream python community
and the Debian security list.
> Maybe a CGI sandboxing solution could be advised, for running over a
> "normal" Debian system ?
https://wiki.python.org/moin/SandboxedPython
--
bye,
pabs
http://wiki.debian.org/PaulWise
Reply to: